Changelogs » Kubernetes

PyUp Safety actively tracks 232,000 Python packages for vulnerabilities and notifies you when to upgrade.



be deprecated as and when Kubernetes version v1.15 gets deprecated.


**Bug Fix:**
  - Fix a fatal bug in package setup [kubernetes-client/python1011](


**Bug Fix:**
  - Fix a bug in kubeconfig loader where NoneType gets iterated [kubernetes-client/python-base158](
  - Fix a bug in kubeconfig loader that False value gets treated as absence [kubernetes-client/python-base161](
  - Fix a bug in kubeconfig loader where merging valid configs fails if fields are missing [kubernetes-client/python-base163](
  - Fix azure refresh token apiserver id [kubernetes-client/python-base170](
  - Support chunked listing to custom object API [kubernetes-client/gen130](
  **New Feature:**
  - Add returncode method to WSClient [kubernetes-client/python-base160](
  - Add proxy support to WSClient [kubernetes-client/python-base157](
  - Add util function to parse canonical quantities [kubernetes-client/python855](


**New Feature:**
  - Add dynamic client [kubernetes-client/python-base56](
  - `create_from_yaml` supports creation from dict and namespace option [kubernetes-client/python795](
  **Breaking Change:**
  - The Python client will be generated by openapi-generator, with the following breaking changes [kubernetes-client/gen97](
  - `kubernetes.client.apis` package is renamed to `kubernetes.client.api`
  - `kubernetes` package code now uses absolute import instead of relative import
  - The `swagger_types` attribute in all models is renamed to `openapi_types`
  - Python3.4 is no longer supported [kubernetes-client/python807](
  **API Change:**
  - Introduce `ExtensionsV1beta1RuntimeClassStrategyOptions` and `PolicyV1beta1RuntimeClassStrategyOptions`. Add RuntimeClass restrictions & defaulting to PodSecurityPolicy [kubernetes/kubernetes73795](
  - Introduce `V1WindowsSecurityContextOptions`. Add Windows specific options in Pod Security Context and Container Security Context [kubernetes/kubernetes77147](
  - Split `V1beta1Webhook` into `V1beta1MutatingWebhook` and `V1beta1ValidatingWebhook` [kubernetes/kubernetes78491](
  - Introduce parameter `allow_watch_bookmarks` in list options for requesting watch bookmarks from apiserver. The implementation in apiserver is hidden behind feature gate `WatchBookmark` (currently in Alpha stage) [kubernetes/kubernetes74074](
  - Add `V1DeleteOptions` parameters (`dry_run`, `grace_period_seconds`, `orphan_dependents`, `propagation_policy`) to delete collection APIs [kubernetes/kubernetes77843](
  - Add ListMeta.RemainingItemCount. When responding a LIST request, if the server has more data available, and if the request does not contain label selectors or field selectors, the server sets the ListOptions.RemainingItemCount to the number of remaining objects [kubernetes/kubernetes75993](
  - Add `controller_expand_secret_ref` in `V1SecretReference` to store CSI volume expansion secrets [kubernetes/kubernetes77516](
  - Introduce `preemption_policy` field to V1PriorityClass [kubernetes/kubernetes74614](
  - Add `port` configuration to service reference in Admission webhook configuration, AuditSink webhook configuration, CRD Conversion webhook configuration and kube-aggregator [kubernetes/kubernetes74855](
  - Introduce `inline_volume_spec` to `V1PersistentVolumeSpec` [kubernetes/kubernetes77703](
  - Add fields `x_kubernetes_embedded_resource`, `x_kubernetes_int_or_string`, `x_kubernetes_preserve_unknown_fields` to V1beta1JSONSchemaProps [kubernetes/kubernetes77207](
  **Bug Fix:**
  - Update `_load_azure_token` to handle str and int [kubernetes-client/python-base141](
  - Correct regex to properly parse rfc3339 microseconds [kubernetes-client/python-base150](


**Bug Fix:**
  - Fixed issue in `__del__` method of the `ApiClient` that caused an indefinite hang during garbage collection. *Note* The `ApiClient` `ThreadPool` will no longer be cleaned up automatically during garbage collection, instead the `close` method must be invoked directly, or the `ApiClient` can be used as a context manager. [kubernetes-client/python1073](


**Bug Fix:**
  - Fix content type regression in custom object patch API [kubernetes-client/python866](
  **Security Fix:**
  - Bump urllib3 version to pick up security fix for CVE-2019-11324 [kubernetes-client/python897](

10.0.0 not secure

**Bug Fix:**
  - Fix base64 padding for kube config [kubernetes-client/python-base79](
  - Fix websocket client decoding binary message. Replace non-utf8 data instead of failing [kubernetes-client/python-base104](
  - Add email scope to GCP provided credential refresh [kubernetes-client/python-base110](
  - Fix broken urllib3 dependencies [kubernetes-client/python816](
  **New Feature:**
  - Add method to dynamically set namespace in yaml utility [kubernetes-client/python782](


**Bug Fix:**
  - Make watch work with read_namespaced_pod_log [kubernetes-client/python-base93](
  - Add Rbac support for creating from YAML [kubernetes-client/python767](
  **New Feature:**
  - Config loader supports loading from multiple kubeconfig files [kubernetes-client/python-base94](
  - Add a script to fix setup on Windows [kubernetes-client/python766](
  - Extend YAML load functionality to \*LIST and multi-resources [kubernetes-client/python673](
  **API Change:**
  - Remove the AdmissionregistrationV1alpha1 API group, containing only the InitializationConfiguration type [kubernetes/kubernetes72972](
  - Promote Lease API to v1 [kubernetes/kubernetes72239](
  - The Ingress API is now available via `NetworkingV1beta1Api`. `ExtensionsV1beta1Api` Ingress objects are deprecated and will no longer be served in Kubernetes v1.18 [kubernetes/kubernetes74057](
  - Introduce RuntimeClass to NodeV1alpha1Api and NodeV1beta1Api [kubernetes/kubernetes74433](
  - Graduate PriorityClass API to GA SchedulingV1Api [kubernetes/kubernetes73555](
  - Introduce CSINodeInfo and CSIDriver to StorageV1beta1Api [kubernetes/kubernetes74283](
  - The alpha Initializers feature, `` API version, `Initializers` admission plugin, and use of the `metadata.initializers` API field have been removed. Discontinue use of the alpha feature and delete any existing `InitializerConfiguration` API objects before upgrading. The `metadata.initializers` field will be removed in a future release. The parameter `include_uninitialized` has been removed. [kubernetes/kubernetes72972](


**Bug Fix:**
  - Add fieldSelector parameter to list/watch methods in custom objects spec [kubernetes-client/gen106](


**Breaking Change:**
  - Move dependancy adal under extra require [kubernetes-client/python-base108](
  **Bug Fix:**
  - Honor the specified resource version in stream request when watch restarts [kubernetes-client/python-base109](
  **API Change:**
  - Add timeoutSeconds parameter to CustomObjectsApi list/watch calls [kubernetes-client/gen94](
  **New Feature:**
  - Avoid creating unused ThreadPools [kubernetes-client/gen91](


**Bug Fix:**
  - Refresh GCP auth tokens on API retrieval [kubernetes-client/python-base92](
  - Fix kubeconfig loading failure when server uri contains trailing slash [kubernetes-client/python-base45](
  **Security Fix:**
  - Bump urllib3 version to pick up security fix for CVE-2018-20060 [kubernetes-client/python707](
  **API Change:**
  - Add dynamic audit configuration api: AuditregistrationV1alpha1Api [kubernetes/kubernetes67547](
  - CSIPersistentVolume feature, i.e. PersistentVolumes with CSIPersistentVolumeSource, is GA. CSIPersistentVolume feature gate is now deprecated and will be removed according to deprecation policy. [kubernetes/kubernetes69929](
  - Add support for CRD conversion webhook [kubernetes/kubernetes67006](
  - CRD supports multi-version Schema, Subresources and AdditionalPrintColumns (NOTE that CRDs created prior to 1.13 populated the top-level additionalPrinterColumns field by default. To apply an update that changes to per-version additionalPrinterColumns, the top-level additionalPrinterColumns field must be explicitly set to null). [kubernetes/kubernetes70211](
  - Add ability to control primary GID of containers through Pod Spec and PodSecurityPolicy [kubernetes/kubernetes67802](
  - Refactor GlusterFS PV spec. This patch introduces glusterfsPersistentVolumeSource addition to glusterfsVolumeSource. All fields remains same as glusterfsVolumeSource with an addition of a new field called `EndpointsNamespace` to define namespace of endpoint in the spec. [kubernetes/kubernetes60195](
  - Delete request's body parameter is optional [kubernetes/kubernetes70032](
  - Make service environment variables optional [kubernetes/kubernetes68754](
  - TokenReview now supports audience validation of tokens with audiences other than the kube-apiserver. [kubernetes/kubernetes62692](
  **Breaking Change:**
  - Model v1beta1WebhookClientConfig is renamed to AdmissionregistrationV1beta1WebhookClientConfig, to avoid naming conflict with ApiextensionsV1beta1WebhookClientConfig introduced in: [kubernetes/kubernetes67006](
  - Delete request's body parameter is optional [kubernetes/kubernetes70032](


**Bug Fix:**
  - Refresh GCP auth tokens on API retrieval [kubernetes-client/python-base92](
  - Fix kubeconfig loading failure when server uri contains trailing slash [kubernetes-client/python-base45](
  **Security Fix:**
  - Bump urllib3 version to pick up security fix for CVE-2018-20060 [kubernetes-client/python707](

8.0.0 not secure

**New Feature:**
  - Add utility to create API resource from yaml file [kubernetes-client/python655](


**Bug Fix:**
  - Update ExecProvider to use safe\_get() to tolerate kube-config file that sets
  `args: null` and `env: null` [kubernetes-client/python-base91](
  - Properly deserialize API server's response when posting a deployment rollback [kubernetes/kubernetes68909](
  **API Change:**
  - dry-run: CREATE/UPDATE/PATCH methods now support dryRun parameter [kubernetes/kubernetes69359](


**New Feature:**
  - Add exec-plugins support in kubeconfig [kubernetes-client/python-base75](
  **Bug Fix:**
  - Fix reading kubeconfig data with bytes in Python 3
  **API Change:**
  - Upon receiving a LIST request with expired continue token, the apiserver now returns a continue token together with the 410 "the from parameter is too old " error. If the client does not care about getting a list from a consistent snapshot, the client can use this token to continue listing from the next key, but the returned chunk will be from the latest snapshot [kubernetes/kubernetes67284](
  - Introduces autoscaling/v2beta2 and custom\_metrics/v1beta2, which implement metric selectors for Object and Pods metrics, as well as allowing AverageValue targets on Objects, similar to External metrics [kubernetes/kubernetes64097](
  - Create "" api group with "Lease" api in it [kubernetes/kubernetes64246](
  - Added support to restore a volume from a volume snapshot data source: adds TypedLocalObjectReference in the core API and adds DataSource in PersistentVolumeClaimSpec [kubernetes/kubernetes67087](
  - ProcMount added to SecurityContext and AllowedProcMounts added to
  PodSecurityPolicy to allow paths in the container's /proc to not be masked [kubernetes/kubernetes64283](
  - Support both directory and block device for local volume plugin FileSystem
  VolumeMode [kubernetes/kubernetes63011](
  - SCTP is now supported as additional protocol (alpha) alongside TCP and UDP in
  Pod, Service, Endpoint, and NetworkPolicy [kubernetes/kubernetes64973](
  - RuntimeClass is a new API resource for defining different classes of runtimes
  that may be used to run containers in the cluster. Pods can select a
  RunitmeClass to use via the RuntimeClassName field. This feature is in alpha,
  and the RuntimeClass feature gate must be enabled in order to use it [kubernetes/kubernetes67737](
  - The PodShareProcessNamespace feature to configure PID namespace sharing within
  a pod has been promoted to beta [kubernetes/kubernetes66507](
  - To address the possibility dry-run requests overwhelming admission webhooks that rely on side effects and a reconciliation mechanism, a new field is being added to and so that webhooks can explicitly register as having dry-run support. If a dry-run request is made on a resource that triggers a non dry-run supporting webhook, the request will be completely rejected, with "400: Bad Request". Additionally, a new field is being added to the API object, exposing to webhooks whether or not the request being reviewed is a dry-run [kubernetes/kubernetes66936](
  - Add custom object status and scale api [kubernetes-client/gen72](
  - dry-run: DELETE operations now support dryRun parameter [kubernetes/kubernetes65105](
  - Default extensions/v1beta1 Deployment's ProgressDeadlineSeconds to MaxInt32


**Security Fix:**
  - Bump urllib3 version to pick up security fix for CVE-2018-20060 [kubernetes-client/python707](

7.0.0 not secure

**New Features:**
  - Add support for refreshing Azure tokens [kubernetes-client/python-base77](

7.0.0b1 not secure

**New Features:**
  - Add Azure support to authentication loading [kubernetes-client/python-base74](

7.0.0a1 not secure

**Breaking Change:**
  - **ACTION REQUIRED** Rename the currently being-used `async` parameter to `async_req` to support Python 3.7 because it's a reserved keyword in Python 3.7 [kubernetes-client/gen67](
  **Bug Fix:**
  - Watch now properly deserializes custom resource objects and updates resource version [kubernetes-client/python-base64](
  - `idp-certificate-authority-data` in kubeconfig is now optional instead of required for OIDC token refresh [kubernetes-client/python-base69](
  **API Change:**
  - ApiextensionsV1beta1Api: Add PATCH and GET to custom_resource_definition_status [kubernetes/kubernetes63619](
  - ApiregistrationV1Api and ApiregistrationV1beta1Api: Add PATCH and GET to api_service_status [kubernetes/kubernetes64063](
  - CertificatesV1beta1Api: Add PATCH and GET to certificate_signing_request_status [kubernetes/kubernetes64063](
  - SchedulingV1beta1Api: Promote priority_class to beta [kubernetes/kubernetes63100](
  - PodSecurityPolicy now supports restricting hostPath volume mounts to be readOnly and under specific path prefixes [kubernetes/kubernetes58647](
  - The Sysctls experimental feature has been promoted to beta (enabled by default via the `Sysctls` feature flag). PodSecurityPolicy and Pod objects now have fields for specifying and controlling sysctls. Alpha sysctl annotations will be ignored by 1.11+ kubelets. All alpha sysctl annotations in existing deployments must be converted to API fields to be effective. [kubernetes/kubernetes63717](
  - Add CRD Versioning with NOP converter [kubernetes/kubernetes63830](
  - Volume topology aware dynamic provisioning [kubernetes/kubernetes63233](
  - Fixed incorrect OpenAPI schema for CustomResourceDefinition objects with a validation schema [kubernetes/kubernetes65256](

6.1.0 not secure

- Python 3.7 support
  - Update to Kubernetes 1.10.10 API
  **Breaking Change:**
  - **ACTION REQUIRED** Rename the currently being-used `async` parameter to `async_req` to support Python 3.7 because `async` is a reserved keyword in Python 3.7 [kubernetes-client/gen67](
  - **NOTE** Python 3.7 was released after v6.0.0 release. It's not necessary to upgrade your client to v6.1.0 if you do not use Python 3.7+.
  **API change:**
  - Add custom object status and scale api kubernetes-client/gen72

6.0.0 not secure

- Config loader now supports OIDC auth [kubernetes-client/python-base48](
  - Bug fix: fix expiry time checking in API token refresh [kubernetes-client/python-base55](

6.0.0b1 not secure

- Update to Kubernetes 1.10 cluster
  - Config loader now raises exception on duplicated name in kubeconfig [kubernetes-client/python-base47](
  **API change:**
  - CustomObjectsApi: Add PATCH to CustomObjectsApi [kubernetes-client/gen53](
  - Promoting the (aggregation) to GA (ApiregistrationV1Api) [kubernetes/kubernetes58393](
  - CoreV1Api: remove /proxy legacy API (deprecated since kubernetes v1.2). Use the /proxy subresources on objects that support HTTP proxying [kubernetes/kubernetes59884](
  - The `PodSecurityPolicy` API has been moved to the `policy/v1beta1` API group. The `PodSecurityPolicy` API in the `extensions/v1beta1` API group is deprecated and will be removed in a future release. Authorizations for using pod security policy resources should change to reference the `policy` API group after upgrading to 1.11 [kubernetes/kubernetes54933](
  - StorageV1beta1Api: Introduce new `VolumeAttachment` API Object [kubernetes/kubernetes54463](
  - V1FlexPersistentVolumeSource: PersistentVolume flexVolume sources can now reference secrets in a namespace other than the PersistentVolumeClaim's namespace [kubernetes/kubernetes56460](
  - ACTION REQUIRED: VolumeScheduling and LocalPersistentVolume features are beta and enabled by default.  The PersistentVolume NodeAffinity alpha annotation is deprecated and will be removed in a future release [kubernetes/kubernetes59391](
  - Allows HorizontalPodAutoscaler to use global metrics not associated with any Kubernetes object (for example metrics from a hoster service running outside of Kubernetes cluster) [kubernetes/kubernetes60096](
  - v1.Pod now has a field to configure whether a single process namespace should be shared between all containers in a pod. This feature is in alpha preview. [kubernetes/kubernetes58716](
  - delete_namespaced_service() now takes an required body (delete option) parameter. Refactor service storage to remove registry wrapper [kubernetes/kubernetes59510](
  **Documentation update:**
  - Never let cluster-scoped resources skip webhooks [kubernetes/kubernetes58185](
  - Clarify that ListOptions.Timeout is not conditional on inactivity [kubernetes/kubernetes58562](
  - Indicate endpoint subsets are an optional field [kubernetes/kubernetes59434](

5.0.0 not secure

- No changes. The same as `v5.0.0b1`.

5.0.0b1 not secure

- Update to Kubernetes 1.9 cluster
  - Label selector for pods is now required and must match the pod template's labels for v1beta2 StatefulSetSpec, ReplicaSetSpec, DaemonSetSpec and DeploymentSpec kubernetes/kubernetes55357
  - The dynamic admission webhook is split into two kinds, mutating and validating. The kinds have changed completely and old code must be ported to - MutatingWebhookConfiguration and ValidatingWebhookConfiguration kubernetes/kubernetes55282
  - DaemonSet, Deployment, ReplicaSet, and StatefulSet have been promoted to GA and are available in the apps/v1 group version kubernetes/kubernetes53679
  - Introduce new VolumeAttachment object kubernetes/kubernetes54463
  - Introduce core/v1 RBDPersistentVolumeSource kubernetes/kubernetes54302
  - StatefulSet status now has support for conditions kubernetes/kubernetes55268
  - DaemonSet status now has support for conditions kubernetes/kubernetes55272

4.0.0 not secure

- api change V1PersistentVolumeSpec to V1ScaleIOPersistentVolumeSource 397.

4.0.0b1 not secure

- Make sure PyPI source distribution is complete with all files from the root directory

4.0.0a1 not secure

- Update to Kubernetes 1.8 cluster
  - IntOrString is now object thus it can be int or string. 18 359
  - Adding stream package to support calls like exec. The old way of calling them is deprecated. See [Troubleshooting](README.mdwhy-execattach-calls-doesnt-work)).
  - config.http_proxy_url is deprecated. use configuration.proxy instead.
  - Configuration is not a singleton object anymore. Please use Configuraion.set_default to change default configuration.
  - Configuration class does not support `ws_streaming_protocol` anymore. In ApiClient.set_default_header set `sec-websocket-protocol` to the preferred websocket protocol.

3.0.0 not secure

- Fix Operation names for subresources kubernetes/kubernetes49357

3.0.0b1 not secure

- Add proper GCP config loader and refresher kubernetes-client/python-base22
  - Add ws_streaming_protocol and use v4 by default kubernetes-client/python-base20
  - Respect the KUBECONFIG environment variable if set kubernetes-client/python-base19
  - Allow setting maxsize for PoolManager kubernetes-client/python-base18
  - Restricting the websocket-client to <=0.40 299

3.0.0a1 not secure

- Update client to kubernetes 1.7
  - Support ThirdPartyResources (TPR) and CustomResourceDefinitions (CRD). Note that TPR is deprecated in kubernetes 251 201
  - Better dependency management 136
  - Add support for python3.6 244

2.0.0 not secure

- No changes. The same as `v2.0.0b1`.


- Bugfix: support RFC6902 'json-patch' operations 187

2.0.0b1 not secure

- Add support for attach API calls 180
  - Bugfix: token file should not be decoded 182
  - Inline primitive models (e.g. v1.Time and resource.Quantity) 179
  - Bugfix: urllib3 1.21 fails tests, Excluding version 1.21 from dependencies 197

2.0.0a1 not secure

- Update to kubernetes 1.6 spec 169


**API Change:**
  - Resolve regression in metadata.managedFields handling in update/patch requests submitted by older API clients ([91748](, [apelisse]( [SIG API Machinery and Testing]
  - Fix bug where sending a status update completely wipes managedFields for some types. ([90033](, [apelisse]( [SIG API Machinery and Testing]
  - The `MutatingWebhookConfiguration` and `ValidatingWebhookConfiguration` APIs have been promoted to ``:
  - `failurePolicy` default changed from `Ignore` to `Fail` for v1
  - `matchPolicy` default changed from `Exact` to `Equivalent` for v1
  - `timeout` default changed from `30s` to `10s` for v1
  - `sideEffects` default value is removed, and the field made required, and only `None` and `NoneOnDryRun` are permitted for v1
  - `admissionReviewVersions` default value is removed and the field made required for v1 (supported versions for AdmissionReview are `v1` and `v1beta1`)
  - The `name` field for specified webhooks must be unique for `MutatingWebhookConfiguration` and `ValidatingWebhookConfiguration` objects created via ``
  - The `AdmissionReview` API sent to and received from admission webhooks has been promoted to ``. Webhooks can specify a preference for receiving `v1` AdmissionReview objects with `admissionReviewVersions: ["v1","v1beta1"]`, and must respond with an API object in the same `apiVersion` they are sent. When webhooks use ``, the following additional validation is performed on their responses:
  - `response.patch` and `response.patchType` are not permitted from validating admission webhooks
  - `apiVersion: ""` is required
  - `kind: "AdmissionReview"` is required
  - `response.uid: "<value of request.uid>"` is required
  - `response.patchType: "JSONPatch"` is required (if `response.patch` is set) ([80231](, [liggitt](
  - The `CustomResourceDefinition` API type is promoted to `` with the following changes:
  - Use of the new `default` feature in validation schemas is limited to v1
  - `spec.scope` is no longer defaulted to `Namespaced` and must be explicitly specified
  - `spec.version` is removed in v1; use `spec.versions` instead
  - `spec.validation` is removed in v1; use `spec.versions[*].schema` instead
  - `spec.subresources` is removed in v1; use `spec.versions[*].subresources` instead
  - `spec.additionalPrinterColumns` is removed in v1; use `spec.versions[*].additionalPrinterColumns` instead
  - `spec.conversion.webhookClientConfig` is moved to `spec.conversion.webhook.clientConfig` in v1
  - `spec.conversion.conversionReviewVersions` is moved to `spec.conversion.webhook.conversionReviewVersions` in v1
  - `spec.versions[*].schema.openAPIV3Schema` is now required when creating v1 CustomResourceDefinitions
  - `spec.preserveUnknownFields: true` is disallowed when creating v1 CustomResourceDefinitions; it must be specified within schema definitions as `x-kubernetes-preserve-unknown-fields: true`
  - In `additionalPrinterColumns` items, the `JSONPath` field was renamed to `jsonPath` in v1 (fixes
  The `` version of `CustomResourceDefinition` is deprecated and will no longer be served in v1.19. ([79604](, [liggitt](
  - The `ConversionReview` API sent to and received from custom resource CustomResourceDefinition conversion webhooks has been promoted to ``. CustomResourceDefinition conversion webhooks can now indicate they support receiving and responding with `ConversionReview` API objects in the `` version by including `v1` in the `conversionReviewVersions` list in their CustomResourceDefinition. Conversion webhooks must respond with a ConversionReview object in the same apiVersion they receive. `` `ConversionReview` responses must specify a `response.uid` that matches the `request.uid` of the object they were sent. ([81476](, [liggitt](
  - Add scheduling support for RuntimeClasses. RuntimeClasses can now specify nodeSelector constraints & tolerations, which are merged into the PodSpec for pods using that RuntimeClass. ([80825](, [tallclair](
  - Kubelet should now more reliably report the same primary node IP even if the set of node IPs reported by the CloudProvider changes. ([79391](, [danwinship](
  - Omit nil or empty field when calculating container hash value to avoid hash changed. For a new field with a non-nil default value in the container spec, the hash would still get changed. ([57741](, [dixudx](
  - Property `conditions` in `apiextensions.v1beta1.CustomResourceDefinitionStatus` and `apiextensions.v1.CustomResourceDefinitionStatus` is now optional instead of required. ([64996](, [roycaihw](
  - When the status of a CustomResourceDefinition condition changes, its corresponding `lastTransitionTime` is now updated. ([69655](, [CaoShuFeng](
  **New Feature:**
  - Adds the ability to load kubeconfig from a dictionary [kubernetes-client/python-base195](
  - Allow incluster to accept pass-in config [kubernetes-client/python-base193](
  - Set expiration on token of incluster config and reload the token if it expires [kubernetes-client/python-base191](
  - Accept and use client certificates from authentication plugins [kubernetes-client/python-base205](
  **Bug Fix:**
  - Fixes a bug in loading kubeconfig when there are no users in the config [kubernetes-client/python-base198](
  - Retry expired watches [kubernetes-client/python-base133](
  **OpenAPI Generator Changes:**
  OpenAPI Generator has been updated to v4.3.0 from v3.3.4. Following are links to Python client related changes throughout the OpenAPI releases above v3.3.4 to v4.3.0:
  - [v4.3.0](
  - [v4.2.3](
  - [v4.2.2](
  - [v4.2.1](
  - [v4.2.0](
  - [v4.1.3](
  - [v4.1.2](
  - [v4.1.1](
  - [v4.1.0](
  - [v4.0.3](
  - [v4.0.2](
  - [v4.0.1](
  - [v4.0.0](


**API Change:**
  - Deleting CustomObjects doesn't require passing in the body anymore [kubernetes-client/gen142](
  **New Feature:**
  - Add ability to the client to be used as Context Manager [kubernetes-client/python1073](
  - Enable the use of dynamic client [kubernetes-client/python1035](
  - Add option to refresh gcp token when config is cmd-path [kubernetes-client/python-base175](
  **Bug Fix:**
  - Add kubernetes.dynamic to pkg list [kubernetes-client/python1096](
  - Fixed issue in `__del__` method of the `ApiClient` that caused an indefinite hang during garbage collection. [kubernetes-client/python1073](
  - Fix custom object API example [kubernetes-client/python1049](
  - Fix deprecation warning in E2E tests [kubernetes-client/python1036](
  - Use `==/!=` to compare str, bytes, and int literals [kubernetes-client/python1007](
  - Fix apiserver_id 'get' method [kubernetes-client/python-base184](
  - Fix persist_config flag and function calls [kubernetes-client/python-base169](
  - Fix memory inneficiencies in the WebSocket client [kubernetes-client/python-base178](
  - Fix functionality to watch logs when log line is not a JSON-serialized object [kubernetes-client/python-base171](
  - Detect binary payloads and send the correct opcode [kubernetes-client/python-base152](
  **Deprecation Notice**

1.0.2 not secure

- Bugfix: support RFC6902 'json-patch' operations 187

1.0.1 not secure

- Bugfix: urllib3 1.21 fails tests, Excluding version 1.21 from dependencies 197

1.0.0 not secure

- Bugfix: blocking exec call should remove channel metadata 140
  - Add close method to websocket api of interactive exec 145

1.0.0b3 not secure

- Bugfix: Missing websocket-client dependency 131

1.0.0b2 not secure

- Support exec calls in both interactive and non-interactive mode 58

1.0.0b1 not secure

- Support insecure-skip-tls-verify config flag 99
  - Added example for using yaml files as models 63
  - Added end to end tests 41, 94
  - Bugfix: Fix ValueError in list_namespaced_config_map 104
  - Bugfix: Export missing models 101
  - Bugfix: Patch operations 93

1.0.0a5 not secure

- Bugfix: Missing fields in some models 85, kubernetes/kubernetes39465

1.0.0a4 not secure

- Bugfix: Fixed broken config loader 77

1.0.0a3 not secure

- Add context switch to kube config loader 46
  - Add default kube config location 64
  - Add suport for accessing multiple clusters 7
  - Bugfix: Python client does not resolve relative paths in kubeconfig 68
  - Bugfix: `read_namespaced_pod_log` get None response 57
  - Improved test coverage 54
  - Improved client generator 49


- auto-generated client from K8s OpenAPI spec
  - kube-config support
  - in-cluster config support: Run scripts inside kubernetes cluster
  - watch support


Skipped because of a failed initial release.