This repository has been archived by the owner on Oct 12, 2023. It is now read-only.
As stated in #1349, in September 2023 CVE patches will stop and the project will be archived. However, the suggested replacement, Workload Identity, has an open issue Azure/azure-workload-identity#373 with respect to the number of federated identity credentials (FICs) that can be created. This is a blocker for migration for many teams, especially those that create new namespaces often - each namespace will need its own Service Account(s), which in turn needs FIC(s). This means that a new Azure managed identity needs to be created every 20 namespaces!
In addition to the inconvenience of having to manage Azure identities and allocate FICs under the 20-FIC constraint, creating new Azure identities and adding roles to them opens up the possibility of running up against Azure limits, such as the 4000 role assignments per subscription limit and limits on the number of Active Directory objects per tenant.
With that in mind, are there plans to extend the period during which AAD Pod Identity will receive CVE patches? Ideally, AAD Pod Identity would receive patches until Workload Identity migration blockers are removed.