Skip to content

Commit

Permalink
#56 sync to fix security issues (#66)
Browse files Browse the repository at this point in the history 
* feat: add ssh tunneling to dynamic form for Database Connection UI (apache#22689)

Co-authored-by: Antonio Rivero Martinez <38889534+Antonio-RiveroMartnez@users.noreply.github.com>
Co-authored-by: Antonio Rivero <antonioriverocode@gmail.com>
Co-authored-by: Elizabeth Thompson <eschutho@gmail.com>
Co-authored-by: Lyndsi Kay Williams <55605634+lyndsiWilliams@users.noreply.github.com>

* chore(dashboard): Log events for download as image (apache#22793)

* docs: link docker readme in docker config section (apache#22796)

* chore: Add explicit bidirectional performant relationships for SQLA model (apache#22413)

* fix: better logic to extract errors on databricks (apache#22792)

* fix(hive): Regression in apache#21794 (apache#22794)

* fix: Unexpected error on simple filter (apache#22814)

* feat(docker): Build multiple python version images (apache#22770)

Co-authored-by: Daniel Draper <daniel.draper@understand.ai>

* fix: allow CSV upload in Other db (apache#22807)

* chore: Convert direct uses of antd icons to 'Icons' component (apache#22516)

* fix(sqllab): type error on renderBigIntStr (apache#22813)

* chore: upgrade react-datetime, react-intersection-observer and react-checkbox-tree  (apache#22585)

* feat(helm): Add ability to customize affinity per deployment (apache#22827)

* chore(issue templates): discouraging Issues for feature requests (apache#22617)

* docs(alerts & reports): add, prune, reorganize (apache#20872)

* chore(tests): Streamline Cypress login to fix fails/flakes (apache#22844)

* feat: export/import `allow_dml` flag (apache#22806)

* chore: Migrate /superset/recent_activity/<user_id>/ to /api/v1/ (apache#22789)

* test: Fix act errors in DatasourceControl test (apache#22845)

* test: Fix act errors in DatabaseModal test (apache#22846)

* feat: Move cross filters to Dashboard (apache#22785)

* fix(cpq): Add `schema` to Query.data() payload (apache#22791)

* fix(Annotation Layers): Error when render options with renamed columns (apache#22453)

* build(deps-dev): bump @typescript-eslint/eslint-plugin from 5.48.2 to 5.49.0 in /superset-websocket (apache#22838)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(misc): Spelling (apache#19678)

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>

* build(deps): bump ua-parser-js from 0.7.31 to 0.7.33 in /docs (apache#22858)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(cache): update doc strings (apache#22865)

* chore: migrate react-diff-viewer to react-diff-viewer-continued for react 18 upgrade (apache#22834)

* chore: upgrade react-table for react 18 upgrade (apache#22780)

* chore: upgrade react-reverse-portal for react upgrade (apache#22779)

* chore: removing unnecessary double spaces, a.k.a. "shotgun holes" (apache#22852)

* fix: Convert TIMESTAMP_* to TIMESTAMP in Snowflake (apache#22872)

* fix(sqllab): reverts apache#22695 (apache#22861)

* feat(ssh_tunnel): Add feature flag to SSH Tunnel API (apache#22805)

* fix: revert RESTful apis and react view for RLS (apache#22818)

* chore: deprecate /superset/slice_json/<int:slice_id> and /superset/annotation_json/<int:layer_id> (apache#22496)

* chore: add statsd support to base API and refactor (apache#22887)

* chore: Migrate /superset/queries/<last_updated_ms> to API v1 (apache#22611)

* docs: add Skyscanner to users list (apache#22888)

Co-authored-by: Calum <calum.leslie@skyscanner.net>

* feat: Add excel export (apache#22006)

Co-authored-by: Igor Șincariov <igorsinc@pm.me>
Co-authored-by: EugeneTorap <evgenykrutpro@gmail.com>

* build(deps): bump moment from 2.29.2 to 2.29.4 in /docs (apache#22891)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump underscore from 1.12.0 to 1.12.1 in /superset-frontend (apache#22892)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: deprecate /superset/filter/... endpoint, migrate to apiv1 (apache#22882)

* fix: bump isort to fix pre-commit CI (apache#22907)

* chore: migrate /sql_json and /results to apiv1 (apache#22809)

* chore: Localization of superset pt. 2 (apache#22772)

* fix: edit pyarrow stringify to better handle emojis and accents (apache#22881)

* fix(sqllab): inconsistent addNewQueryEditor behavior (apache#21999)

* fix(i18n): greatly optimize Chinese translation (apache#22036)

* chore: skip puppeteer chromium download (apache#22623)

* fix(dependency): update cryptography import (apache#22744)

Co-authored-by: Daniel Draper <daniel.draper@understand.ai>

* feat: add pyproject.toml file to project (apache#20291)

* chore(db_engine_specs): clean up column spec logic and add tests (apache#22871)

* feat: Adds the ECharts Sunburst chart (apache#22833)

* fix: Time range filter applied on a dashboard is not persisting to the chart explore (apache#22920)

* fix(fab): Fix regression on FAB dropdowns (apache#22889)

* chore: migrate @vx/responsive to @visx/responsive for react 18 upgrade (apache#22815)

* fix: fix warning in ssh tunnel (apache#22912)

* chore: upgrade packages for react v17 upgrade (apache#22914)

* chore: upgrade react-router-dom to 5.3.4 (apache#22878)

* build(deps-dev): bump eslint from 8.32.0 to 8.33.0 in /superset-websocket (apache#22902)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(helm): Make Chart.AppVersion default value for image tag (apache#22854)

* chore: Migrate /superset/tables/* to API v1 (apache#22501)

* fix(native-filters): Ensure that time range filter loses focus after closing modal (apache#22937)

* fix: Remove button is broken for metrics on Explore (apache#22940)

* feat: Enable new dataset creation flow II (apache#22835)

* fix(datasets): Fix property selection on JSON response (apache#22944)

* fix: Improve performance of CSV download (apache#22929)

* test: Clean up AdhocFilterOption test warnings (apache#22915)

* chore: Bump Flask-AppBuilder constraints (apache#22927)

* chore(welcome): change default last tab to "all" (apache#22798)

* fix(explore): Time comparison in Mixed Chart in GENERIC_CHART_AXES not working (apache#22945)

* chore(superset-ui-chart-controls): refactor pivot and rename operator (apache#22963)

* build(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 in /superset-frontend (apache#22958)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(explore): unable to update linked charts (apache#22896)

* chore(frontend): Spelling (apache#19676)

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>

* chore: add waitress for win32 platform (apache#22935)

* fix(datasets): Include expression and description in duplicated dataset columns (apache#22943)

* feat: add tabs to edit dataset page (apache#22043)

Co-authored-by: AAfghahi <48933336+AAfghahi@users.noreply.github.com>
Co-authored-by: Lyndsi Kay Williams <55605634+lyndsiWilliams@users.noreply.github.com>
Co-authored-by: lyndsiWilliams <kcatgirl@gmail.com>

* docs: add Caizin to the user list (apache#22961)

* test: Fix act errors in DatabaseList test (apache#22970)

* test: Clean up QueryList test warnings (apache#22972)

* fix(native-filters): Don't include description icon in truncation calc (apache#22941)

* fix: Prevents last temporal filter removal (apache#22982)

* fix(explore): Mark time range dashboard filter with warning icon (apache#22984)

* docs(alerts & reports): clarify nature of "-dev" labeled container images (apache#22988)

* chore: bump python version to 3.8.16 in Dockerfile (apache#22934)

* fix: Form data was not being passed to save/update slice (apache#22989)

* feat(ssh_tunnel): SSH Tunnel Switch extension (apache#22967)

* chore: Fix grammar (apache#22831)

* docs: added Orange inside the inthewild.md doc (apache#22986)

* fix: add new config to allow for specific import data urls (apache#22942)

* build(deps): bump pre-commit from 2.20.0 to 3.0.4 in /requirements (apache#22996)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(explore): Save button incorrectly disabled when adding new metric with dnd (apache#23000)

* build(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 in /docs (apache#22956)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: Make cte_alias a property of db engine spec (apache#22947)

* fix(migrations): Flask-Migrate output is not logged during alembic migrations apache#17991 (apache#22991)

* fix(dashboard): export & import chart description and certification details (apache#22471)

* chore: updating link to sandbox.js (apache#23005)

* fix(sqllab): clean unwanted scrollbar (apache#22990)

* chore: Localization of superset pt. 3 (apache#22938)

Co-authored-by: Evan Rusackas <evan@preset.io>

* chore(deps): bump ajv and react-jsonschema-form in /superset-frontend (apache#21809)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump eslint-config-prettier from 7.2.0 to 8.6.0 in /superset-websocket (apache#22767)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 in /superset-frontend/cypress-base (apache#22955)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump @types/node from 18.11.13 to 18.11.19 in /superset-websocket (apache#22997)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(datasets): Populate Usage tab in Edit Dataset view (apache#22670)

* build(deps-dev): bump @typescript-eslint/parser from 5.48.1 to 5.51.0 in /superset-websocket (apache#23013)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump typescript from 4.9.4 to 4.9.5 in /superset-websocket (apache#22933)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(tests): Cypress optimizations to help with fails (apache#23023)

* chore: refactor SliceAdder for react 17 and react 18 (apache#23009)

* fix(explore): Enable saving metric after changing title (apache#23020)

* fix: dataset import error message (apache#23025)

* fix(ssh_tunnel): Fix bug on database edition for databases with ssh tunnels (apache#23006)

Co-authored-by: Lyndsi Kay Williams <55605634+lyndsiWilliams@users.noreply.github.com>

* fix: Handles disabled options on Select All (apache#22830)

* fix(dashboard): Stop updating chart owners for charts removed from dashboard (apache#21720)

Co-authored-by: Michael S. Molina <michael.s.molina@gmail.com>

* docs(teradata): fix connection string (apache#23051)

* fix: Time Column on Generic X-axis (apache#23021)

* fix: Menu items are not disappearing when deleting a dashboard (apache#23039)

* fix(i18n): improve Russian translation (apache#22939)

* fix(sqllab): Invalid schema fetch by deprecated value (apache#22968)

* chore: Removes icon warnings from tests (apache#23054)

* feat(sqllab): Add event logger (apache#23040)

* chore(datasets): Refactor DatasetDAO update to leverage bulk logic for create, update, and delete operations (apache#22957)

* chore: remove db_engines (apache#22444)

* feat(helm): allow persisting nodePort for services (apache#22713)

Signed-off-by: DASTC\gupta_rajan <rajan.gupta@stengg.com>
Co-authored-by: DASTC\gupta_rajan <rajan.gupta@stengg.com>

* build(deps-dev): bump @typescript-eslint/eslint-plugin from 5.49.0 to 5.52.0 in /superset-websocket (apache#23073)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump hot-shots from 9.3.0 to 10.0.0 in /superset-websocket (apache#23031)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump prettier from 2.8.3 to 2.8.4 in /superset-websocket (apache#23030)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump @types/node from 18.11.19 to 18.13.0 in /superset-websocket (apache#23029)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: cache warmup solution non legacy charts. (apache#23012)

* docs: remove duplicate navbar item (apache#22486)

Signed-off-by: tison <wander4096@gmail.com>

* chore: Migrate get_or_create_table endpoint to api v1 (apache#22931)

* chore: Migrate /superset/csv/<client_id> to API v1 (apache#22913)

* fix: css template permissions for gamma role (apache#23083)

* build(deps): bump ws from 8.12.0 to 8.12.1 in /superset-websocket (apache#23080)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump eslint from 8.33.0 to 8.34.0 in /superset-websocket (apache#23079)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(style): make brand icon max width customizable (apache#23081)

* chore: Remove dependency warnings from SqlEditorLeftBar/index.tsx (apache#22975)

* chore: Remove dependency warnings from SqlEditor/index.jsx (apache#22974)

* chore: Remove dependency warnings from DatasetList.tsx (apache#22973)

* test: Convert DatasetList test from jsx to tsx (apache#22971)

* test: Clean up SelectAsyncControl test warnings (apache#22969)

* chore: move dashboard screenshot standalone logic (apache#23003)

* fix: dict bug on QueryContextFactory (apache#23093)

Co-authored-by: ok9897 <ok9897@krafton.com>

* chore: Improve greeting message (apache#23077)

* chore: Updating connection URI for MS SQL Server (apache#22903)

Co-authored-by: Evan Rusackas <evan@preset.io>

* chore: increment statsd as warn (apache#23041)

* fix: removing pyproject.toml (apache#23101)

* chore: change AlertQueryError to 400 (apache#23102)

* fix: missing __init__ on module sqllab commands (apache#23107)

* #21 preparing for linux deployment

* chore(backend): Spelling (apache#19677)

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Evan Rusackas <evan@preset.io>

* chore: Remove yarn.lock from the root folder (apache#23108)

* chore(sqla): Address performance tradeoff with eager loading (apache#23113)

* fix(ci): explicity set yaml Loader (apache#23126)

* fix: Validate jinja rendered query (apache#22851)

* fix: reorganize role permissions (apache#23096)

* fix: gamma sql_json test (apache#23135)

* fix(dashboard): Chart's empty state not centered (apache#23022)

* feat: Frontend tagging (apache#20876)

Co-authored-by: cccs-nik <68961854+cccs-nik@users.noreply.github.com>
Co-authored-by: GITHUB_USERNAME <EMAIL>

* feat: return UUID on database creation (apache#23143)

* chore: Add docs for ssh tunneling (apache#23131)

Co-authored-by: Beto Dealmeida <roberto@dealmeida.net>

* feat: Enable cross fitlers in WorldMap and Graph charts (apache#22886)

* chore: Bump cryptography to 39.0.1 (apache#23158)

* feat(dashboard): Add cross filter from context menu (apache#23141)

* chore: revert "feat(native_filter_migration): add transition mode (apache#16992)" (apache#23144)

* build: Add helm chart option to deploy sidecars with node and worker (apache#23160)

* fix(rbac): show objects accessible by database access perm (apache#23118)

* fix: bump FAB to 4.3.0 (apache#23184)

* fix(clickhouse): add clickhouse connect driver (apache#23185)

* fix(clickhouse): add missing default format (apache#23192)

* feat(ssh_tunnel): Import/Export Databases with SSHTunnel credentials (apache#23099)

* chore: refactor SparklineCell for react 17 and react 18 upgrade (apache#23145)

* fix(ssh_tunnel): Display SSHTunnel Switch when editing a DB that was created with the Dynamic Form (apache#23195)

* fix(sshtunnel): argument params to properly setting `server_port` (apache#23196)

* fix(ssh-tunnel): add password to `from_private_key` function (apache#23175)

* fix: Pagination of VirtualTable (apache#23130)

* fix(dashboard): Focusing charts and native filters from filters badge (apache#23190)

* fix(docs): Change postgres to postgresql in brew install command (apache#23202)

* build(deps-dev): bump @typescript-eslint/parser from 5.51.0 to 5.53.0 in /superset-websocket (apache#23133)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump @types/node from 18.13.0 to 18.14.1 in /superset-websocket (apache#23180)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* test: Remove test playgrounds (apache#23203)

* build(deps-dev): bump @typescript-eslint/eslint-plugin from 5.52.0 to 5.53.0 in /superset-websocket (apache#23132)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump express and @applitools/eyes-cypress in /superset-frontend/cypress-base (apache#22342)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs: fix typo (apache#23207)

* feat: Cross Filters in FilterBar (apache#23138)

Co-authored-by: Kamil Gabryjelski <kamil.gabryjelski@gmail.com>

* fix(dashboard): Page crashing when cross filter applied on adhoc column (apache#23215)

* fix: memoized decorator memory leak (apache#23139)

* build(deps-dev): bump @types/uuid from 9.0.0 to 9.0.1 in /superset-websocket (apache#23152)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump eslint from 8.34.0 to 8.35.0 in /superset-websocket (apache#23211)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: adding code owners for github actions/workflows (apache#23201)

* build(deps): bump ua-parser-js from 0.7.28 to 0.7.33 in /superset-frontend (apache#22859)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump pre-commit from 3.0.4 to 3.1.0 in /requirements (apache#23168)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: add disallowed query params for engines specs (apache#23217)

Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>

* chore: Add statsd logger for ssh tunneling creation (apache#23225)

* fix(dashboard): Don't show cross filters checkbox to users without write permissions (apache#23237)

* docs: update installation docs to include frontend asset build (apache#23199)

* build(deps): bump pip-compile-multi from 2.6.1 to 2.6.2 in /requirements (apache#23122)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(dashboard): Cross-filters not working properly for new dashboards (apache#23194)

* fix: refuse to start with default secret on non debug envs (apache#23186)

* fix(dao): use explicit id filter (apache#23246)

* fix(explore): Dashboard filters on adhoc cols not working in Explore (apache#23239)

* refactor: Organizes the pages in their own folder (apache#23241)

* fix: Video Game Sales dashboard default filters (apache#23242)

* chore: Deprecate show_native_filters (apache#23228)

* chore: Remove the ability to add filter-box charts when DASHBOARD_NATIVE_FILTERS feature is enabled (apache#23142)

* fix(dashboard): Cross-filter search icon in filter bar (apache#23250)

* chore(webdriver): Tuning the Webdriver logging a bit (apache#23255)

* fix: customize tab on heatmap chart is blank (apache#23243)

* fix(dashboard): Missing filter card styles (apache#23256)

* fix: ignore ts warnings from older typescript versions (apache#23262)

* chore(cache): Tuning logging in cache manager (apache#23266)

* fix(dashboard): Charts crashing when cross filter on adhoc column is applied (apache#23238)

Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>

* fix(plugin-chart-echarts): render horizontal categories from top (apache#23273)

* feat(generic-x-axis): add x sorting on series limit metric (apache#23274)

* fix(dashboard): Allow selecting text in cells in Table and PivotTable without triggering cross filters (apache#23283)

* fix(migration): Address issue in apache#23228 (apache#23276)

* chore(dashboard): Cleanup example dashboard filter scopes (apache#23260)

* fix(dashboard): Infinite load when filter with default first value is out of scope (apache#23299)

* fix(clickhouse):  Update to working clickhouse-connect version (apache#23296)

* chore: upgrade @ant-design/icons for react upgrade (apache#22890)

* docs: typo 'admnistrators' in security.mdx (apache#23166)

* build(deps-dev): bump eslint-config-prettier from 8.6.0 to 8.7.0 in /superset-websocket (apache#23292)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump @types/node from 18.14.1 to 18.14.6 in /superset-websocket (apache#23281)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: bump docusaurus to latest stable (apache#23317)

* docs: add lost _filters param docs (apache#23316)

* feat(docs): adds BugHerd to documentation site. (apache#23287)

* chore: log different selenium timeout errors differently (apache#23290)

* docs: improve API v1 migration documentation (apache#23298)

* docs(alerts and reports): Update ExecutorType class (apache#23323)

* build(deps-dev): bump @typescript-eslint/parser from 5.53.0 to 5.54.1 in /superset-websocket (apache#23294)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(dashboard): Refactor FiltersBadge (apache#23286)

* chore: use util test env for init check (apache#23325)

* fix(trino): normalize non-iso timestamps (apache#23339)

* fix(dashboard): Cross filters with time shifted series (apache#23347)

* feat(dashboard): Change default opacity of icon in FiltersBadge (apache#23350)

* fix: dashboard DAO small code improvement (apache#23348)

* chore: Remove Cross Filter scoping modal (apache#23216)

* fix(dashboard): deepmerge htmlSchemaOverrides (apache#23329)

* fix(trino): Disallow alias to source column (apache#23324)

* fix(examples): Cleanup granularity_sqla column (apache#23322)

* fix(sqllab): empty large query results from localStorage (apache#23302)

* chore: Update pre-commit packages (apache#23173)

* fix(safari): remove autocomplete in table select (apache#23361)

* fix(chart-controls): Error if x_axis_sort and timeseries_limit_metric are included in main metrics (apache#23365)

* feat(native-filters): allow cascading from time and numeric filters (apache#23319)

* build(deps-dev): bump @types/node from 18.14.6 to 18.15.3 in /superset-websocket (apache#23360)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(native-filters): Caching scope (apache#23314)

* #56 sync to fix security issues

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Signed-off-by: DASTC\gupta_rajan <rajan.gupta@stengg.com>
Signed-off-by: tison <wander4096@gmail.com>
Co-authored-by: Hugh A. Miles II <hughmil3s@gmail.com>
Co-authored-by: Antonio Rivero Martinez <38889534+Antonio-RiveroMartnez@users.noreply.github.com>
Co-authored-by: Antonio Rivero <antonioriverocode@gmail.com>
Co-authored-by: Elizabeth Thompson <eschutho@gmail.com>
Co-authored-by: Lyndsi Kay Williams <55605634+lyndsiWilliams@users.noreply.github.com>
Co-authored-by: JUST.in DO IT <justin.park@airbnb.com>
Co-authored-by: ʈᵃᵢ <tdupreetan@gmail.com>
Co-authored-by: John Bodley <4567245+john-bodley@users.noreply.github.com>
Co-authored-by: Michael S. Molina <70410625+michael-s-molina@users.noreply.github.com>
Co-authored-by: Daniel Draper <Germandrummer92@gmail.com>
Co-authored-by: Daniel Draper <daniel.draper@understand.ai>
Co-authored-by: Beto Dealmeida <roberto@dealmeida.net>
Co-authored-by: Cody Leff <cody@preset.io>
Co-authored-by: Lily Kuang <lily@preset.io>
Co-authored-by: Sergey Shevchenko <sergeyshevchdevelop@gmail.com>
Co-authored-by: Evan Rusackas <evan@preset.io>
Co-authored-by: Sam Firke <sfirke@users.noreply.github.com>
Co-authored-by: Jack Fragassi <jfragassi98@gmail.com>
Co-authored-by: Geido <60598000+geido@users.noreply.github.com>
Co-authored-by: Stepan <66589759+Always-prog@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Cemre Mengu <cemremengu@gmail.com>
Co-authored-by: Mayur <mayurnewase111@gmail.com>
Co-authored-by: Diego Medina <diegomedina24@gmail.com>
Co-authored-by: Daniel Vaz Gaspar <danielvazgaspar@gmail.com>
Co-authored-by: cleslie <cjaleslie@gmail.com>
Co-authored-by: Calum <calum.leslie@skyscanner.net>
Co-authored-by: Igor Șincariov <102555782+igorsinc@users.noreply.github.com>
Co-authored-by: Igor Șincariov <igorsinc@pm.me>
Co-authored-by: EugeneTorap <evgenykrutpro@gmail.com>
Co-authored-by: Artem Shumeiko <53895552+artemonsh@users.noreply.github.com>
Co-authored-by: 王一川 <wj2247689442@gmail.com>
Co-authored-by: nisheldo <njsheldon@me.com>
Co-authored-by: Leo Schick <67712864+leo-schick@users.noreply.github.com>
Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>
Co-authored-by: Arash Afghahi <48933336+AAfghahi@users.noreply.github.com>
Co-authored-by: Denis Krivenko <dnskrv88@gmail.com>
Co-authored-by: Kamil Gabryjelski <kamil.gabryjelski@gmail.com>
Co-authored-by: Erik Ritter <erik.ritter@airbnb.com>
Co-authored-by: Phillip Kelley-Dotson <pkelleydotson@yahoo.com>
Co-authored-by: lyndsiWilliams <kcatgirl@gmail.com>
Co-authored-by: tejaskatariya <42517374+tejaskatariya@users.noreply.github.com>
Co-authored-by: Adrian <icsu@users.noreply.github.com>
Co-authored-by: alexclavel-ocient <111374753+alexclavel-ocient@users.noreply.github.com>
Co-authored-by: Trey Gilliland <treygilliland3@gmail.com>
Co-authored-by: Michael S. Molina <michael.s.molina@gmail.com>
Co-authored-by: Rajan Gupta <rajan0493@gmail.com>
Co-authored-by: DASTC\gupta_rajan <rajan.gupta@stengg.com>
Co-authored-by: Dheeraj Jaiswal <118437694+dheeraj-jaiswal-lowes@users.noreply.github.com>
Co-authored-by: tison <wander4096@gmail.com>
Co-authored-by: Changhoon Oh <81631424+okayhooni@users.noreply.github.com>
Co-authored-by: ok9897 <ok9897@krafton.com>
Co-authored-by: kuruv <kuruv@users.noreply.github.com>
Co-authored-by: Zef Lin <zef@preset.io>
Co-authored-by: cccs-RyanK <102618419+cccs-RyanK@users.noreply.github.com>
Co-authored-by: cccs-nik <68961854+cccs-nik@users.noreply.github.com>
Co-authored-by: mkramer5454 <52328004+mkramer5454@users.noreply.github.com>
Co-authored-by: Vivek Kumar <49686162+vivekDebugs@users.noreply.github.com>
Co-authored-by: Craig Rueda <craig@craigrueda.com>
Co-authored-by: Geoff Genz <geoff@clickhouse.com>
Co-authored-by: Cameron Gregor <cgregor@securecodewarrior.com>
Co-authored-by: Íñigo Álvaro Sáenz <i.saenz@stuart.com>
  • Loading branch information
@sebastiankruk @hughhhh
@Antonio-RiveroMartnez @eschutho @lyndsiWilliams @justinpark @nytai @john-bodley @michael-s-molina @Germandrummer92 @betodealmeida @codyml @sergeyshevch @rusackas @sfirke @jfrag1 @geido @Always-prog @dependabot @jsoref @cemremengu @mayurnewase @diegomedina248 @dpgaspar @cleslie @igorsinc @EugeneTorap @artemonsh @kpretty @nisheldo @leo-schick @villebro @AAfghahi @dnskr @kgabryje @pkdotson @tejaskatariya @icsu @alexclavel-ocient @treygilliland @rajan123456 @dheeraj-jaiswal-lowes @tisonkun @okayhooni @kuruv @cccs-RyanK @cccs-nik @mkramer5454 @vivekDebugs @craig-rueda @genzgd @camac @mrmooon
65 people authored Mar 16, 2023
1 parent 899cb3b commit 7b7c6c4
Show file tree
Hide file tree
Showing 1,361 changed files with 107,511 additions and 41,050 deletions.
6 changes: 5 additions & 1 deletion .github/CODEOWNERS
View file
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -22,4 +22,8 @@

# Notify E2E test maintainers of changes

/superset-frontend/cypress-base/ @jinghua-qa @geido
/superset-frontend/cypress-base/ @jinghua-qa @geido @eschutho @rusackas @betodealmeida

# Notify PMC members of changes to Github Actions

/.github/ @villebro @geido @eschutho @rusackas @betodealmeida @nytai @mistercrunch @craig-rueda @john-bodley
2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE/bug_report.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
---
name: Bug report
about: Create a report to help us improve
about: Create a report to help us improve Superset's stability! For feature requests please open a discussion at https://github.com/apache/superset/discussions/categories/ideas
labels: "#bug"

---
Expand Down
14 changes: 0 additions & 14 deletions .github/ISSUE_TEMPLATE/feature_request.md
View file

This file was deleted.

4 changes: 3 additions & 1 deletion .github/ISSUE_TEMPLATE/sip.md
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@
---
name: SIP
about: Superset Improvement Proposal [See SIP-0](https://github.com/apache/superset/issues/5602)
about: Superset Improvement Proposal (See SIP-0: https://github.com/apache/superset/issues/5602)
labels: "#SIP"
title: "[SIP] Your Title Here (do not add SIP number)"
asignees: "apache/superset-committers"

---

Expand Down
2 changes: 1 addition & 1 deletion .github/actions/chart-testing-action
Submodule chart-testing-action updated 4 files
+66 −0 .github/workflows/test-action.yml
+14 −11 README.md
+17 −3 action.yml
+27 −3 ct.sh
17 changes: 16 additions & 1 deletion .github/workflows/docker_build_push.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,12 +50,27 @@ docker build --target lean \
-t "${REPO_NAME}:${SHA}" \
-t "${REPO_NAME}:${REFSPEC}" \
-t "${REPO_NAME}:${LATEST_TAG}" \
--build-arg PY_VER="3.8-slim"\
--label "sha=${SHA}" \
--label "built_at=$(date)" \
--label "target=lean" \
--label "build_actor=${GITHUB_ACTOR}" \
.

#
# Build the "lean39" image
#
docker build --target lean \
-t "${REPO_NAME}:${SHA}-py39" \
-t "${REPO_NAME}:${REFSPEC}-py39" \
-t "${REPO_NAME}:${LATEST_TAG}-py39" \
--build-arg PY_VER="3.9-slim"\
--label "sha=${SHA}" \
--label "built_at=$(date)" \
--label "target=lean39" \
--label "build_actor=${GITHUB_ACTOR}" \
.

#
# Build the "websocket" image
#
Expand All @@ -65,7 +80,7 @@ docker build \
-t "${REPO_NAME}:${LATEST_TAG}-websocket" \
--label "sha=${SHA}" \
--label "built_at=$(date)" \
--label "target=lean" \
--label "target=websocket" \
--label "build_actor=${GITHUB_ACTOR}" \
superset-websocket

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/superset-applitool-cypress.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ jobs:
ports:
- 15432:5432
redis:
image: redis:5-alpine
image: redis:7-alpine
ports:
- 16379:6379
steps:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/superset-cli.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
# GitHub action runner's default installations
- 15432:5432
redis:
image: redis:5-alpine
image: redis:7-alpine
ports:
- 16379:6379
steps:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/superset-e2e.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ jobs:
ports:
- 15432:5432
redis:
image: redis:5-alpine
image: redis:7-alpine
ports:
- 16379:6379
steps:
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/superset-python-integrationtest.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
ports:
- 13306:3306
redis:
image: redis:5-alpine
image: redis:7-alpine
options: --entrypoint redis-server
ports:
- 16379:6379
Expand Down Expand Up @@ -97,7 +97,7 @@ jobs:
# GitHub action runner's default installations
- 15432:5432
redis:
image: redis:5-alpine
image: redis:7-alpine
ports:
- 16379:6379
steps:
Expand Down Expand Up @@ -156,7 +156,7 @@ jobs:
sqlite:///${{ github.workspace }}/.temp/unittest.db
services:
redis:
image: redis:5-alpine
image: redis:7-alpine
ports:
- 16379:6379
steps:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/superset-python-presto-hive.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:
# GitHub action runner's default installations
- 15433:8080
redis:
image: redis:5-alpine
image: redis:7-alpine
ports:
- 16379:6379
steps:
Expand Down Expand Up @@ -110,7 +110,7 @@ jobs:
# GitHub action runner's default installations
- 15432:5432
redis:
image: redis:5-alpine
image: redis:7-alpine
ports:
- 16379:6379
steps:
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/superset-python-unittest.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,8 @@ jobs:
mkdir ${{ github.workspace }}/.temp
- name: Python unit tests
if: steps.check.outcome == 'failure'
env:
SUPERSET_TESTENV: true
run: |
pytest --durations-min=0.5 --cov-report= --cov=superset ./tests/common ./tests/unit_tests --cache-clear
- name: Upload code coverage
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/superset-websocket.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
persist-credentials: false
- name: Install dependencies
working-directory: ./superset-websocket
run: npm install
run: npm ci
- name: lint
working-directory: ./superset-websocket
run: npm run lint
Expand Down
3 changes: 2 additions & 1 deletion .github/workflows/welcome-new-users.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,4 +18,5 @@ jobs:
repo-token: ${{ secrets.GITHUB_TOKEN }}
pr-message: |-
Congrats on making your first PR and thank you for contributing to Superset! :tada: :heart:
We hope to see you in our [Slack](https://apache-superset.slack.com/) community too!
We hope to see you in our [Slack](https://apache-superset.slack.com/) community too! Not signed up? Use our [Slack App](http://bit.ly/join-superset-slack) to self-register.
11 changes: 6 additions & 5 deletions .pre-commit-config.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,20 +16,21 @@
#
repos:
- repo: https://github.com/PyCQA/isort
rev: 5.9.3
rev: 5.12.0
hooks:
- id: isort
- repo: https://github.com/pre-commit/mirrors-mypy
rev: v0.941
rev: v1.0.1
hooks:
- id: mypy
args: [--check-untyped-defs]
additional_dependencies: [types-all]
- repo: https://github.com/peterdemin/pip-compile-multi
rev: v2.4.1
rev: v2.6.2
hooks:
- id: pip-compile-multi-verify
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v3.2.0
rev: v4.4.0
hooks:
- id: check-docstring-first
- id: check-added-large-files
Expand All @@ -41,7 +42,7 @@ repos:
- id: trailing-whitespace
args: ["--markdown-linebreak-ext=md"]
- repo: https://github.com/psf/black
rev: 22.3.0
rev: 23.1.0
hooks:
- id: black
language_version: python3
Expand Down
92 changes: 91 additions & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,13 +19,77 @@ under the License.

## Change Log

- [2.0.1](#201-fri-nov-4-103402-2022--0400)
- [2.0.0](#200-tue-jun-28-085302-2022--0400)
- [1.5.2 (LTS)](#152-wed-sep-14-171151-2022-0530)
- [1.5.3 (LTS)](#153-thu-jan-5-150544-2023--0500)
- [1.5.2](#152-wed-sep-14-171151-2022-0530)
- [1.5.1](#151-thu-may-26-144520-2022-0300)
- [1.5.0](#150-fri-apr-22-172330-2022--0400)
- [1.4.2](#142-sat-mar-19-000806-2022-0200)
- [1.4.1](#141)

### 2.0.1 (Fri Nov 4 10:34:02 2022 -0400)

**Database Migrations**

**Features**

**Fixes**

- [#22417](https://github.com/apache/superset/pull/22417) fix: fix: Force configuration for SafeMarkdown component in Handlebars(@geido)
- [#21895](https://github.com/apache/superset/pull/21895) feat: Improves SafeMarkdown HTML sanitization (@michael-s-molina) (security-improvement)
- [#21874](https://github.com/apache/superset/pull/21874) feat: Adds a Content Security Policy (CSP) check for production environments (@michael-s-molina)(security-improvement)
- [#21853](https://github.com/apache/superset/pull/21853) feat: Disables HTML rendering in Toast by default (@michael-s-molina)(security-improvement)
- [#21776](https://github.com/apache/superset/pull/21776) fix(CustomFrame): Resolves issue #21731 where date range in explore throws runtime error (@eric-briscoe)
- [#21637](https://github.com/apache/superset/pull/21637) fix: respect chart cache timeout setting (@mayurnewase)
- [#21729](https://github.com/apache/superset/pull/21729) fix: allow adhoc columns in non-aggregate query (@mayurnewase)
- [#21441](https://github.com/apache/superset/pull/21441) fix(cache): respect default cache timeout on v1 chart data requests (@villebro)
- [#22038](https://github.com/apache/superset/pull/22038) fix: datasource save, improve data validation (@dpgaspar)
- [#22022](https://github.com/apache/superset/pull/22022) fix: deprecate approve and request_access endpoint (@dpgaspar)
- [#21964](https://github.com/apache/superset/pull/21964) fix: dashboard api cache decorator (@dpgaspar)
- [#21875](https://github.com/apache/superset/pull/21875) fix: check that imports are ZIPs (@betodealmeida)
- [#21761](https://github.com/apache/superset/pull/21761) fix: flash message on database data upload forms (@dpgaspar)
- [#21759](https://github.com/apache/superset/pull/21759) fix: database schema selector on import data (@dpgaspar)
- [#21729](https://github.com/apache/superset/pull/21729) fix: allow adhoc columns in non-aggregate query (@mayurnewase)
- [#21773](https://github.com/apache/superset/pull/21773) fix: remove deprecated ETagResponseMixin (@eschutho)
- [#21561](https://github.com/apache/superset/pull/21561) fix(report): Fix permission check for set up email report on charts/dashboards. Fixes #21559 (@zhaorui2022)
- [#20651](https://github.com/apache/superset/pull/20651) fix: annotation broken (@zhaoyongjie)
- [#20830](https://github.com/apache/superset/pull/20830) fix: remove element reference in alerts report fetchs (@hughhhh)
- [#20063](https://github.com/apache/superset/pull/20063) fix: Add locale for DatePicker component (@aehanno)
- [#21302](https://github.com/apache/superset/pull/21302) fix: disallow users from viewing other user's profile on config (@dpgaspar)
- [#21154](https://github.com/apache/superset/pull/21154) fix(explore): Prevent unnecessary series limit subquery (@codyml)
- [#21498](https://github.com/apache/superset/pull/21498) fix: set correct favicon from config for login and FAB list views (@mayurnewase)
- [#21380](https://github.com/apache/superset/pull/21380) fix(sqllab): Fix cursor alignment in SQL lab editor by avoiding Lucida Console font on Windows (@MichaelHintz)
- [#20061](https://github.com/apache/superset/pull/20061) fix: Add french translation missing (@aehanno)
- [#21044](https://github.com/apache/superset/pull/21044) fix(plugin-chart-echarts): missing value format in mixed timeseries (@justinpark)
- [#21419](https://github.com/apache/superset/pull/21419) fix: cached common bootstrap Revert (#21018) (@dpgaspar)
- [#21296](https://github.com/apache/superset/pull/21296) fix(plugin-chart-echarts): show zero value in tooltip (@villebro)
- [#21294](https://github.com/apache/superset/pull/21294) fix(explore): Time column label not formatted when GENERIC_X_AXES enabled (@kgabryje)
- [#21272](https://github.com/apache/superset/pull/21272) fix: adds TLS certificate validation option for SMTP (@dpgaspar)
- [#21076](https://github.com/apache/superset/pull/21076) fix(celery cache warmup): add auth and use warm_up_cache endpoint (@nytai)
- [#21216](https://github.com/apache/superset/pull/21216) fix(database-list): hide upload file button if no permission (@stephenLYZ)
- [#21153](https://github.com/apache/superset/pull/21153) fix(sqllab): missing zero values while copy-to-clipboard (@justinpark)
- [#21084](https://github.com/apache/superset/pull/21084) fix(native filters): groupby filter issue (@stevetracvc)
- [#21005](https://github.com/apache/superset/pull/21005) fix(plugin-chart-handlebars): Sort-By and Sort-By-Descending control not work (@stephenLYZ)
- [#20969](https://github.com/apache/superset/pull/20969) fix(dashboard): Fix scroll behaviour in DashboardBuilderSidepane (@EugeneTorap)
- [#21007](https://github.com/apache/superset/pull/21007) fix(plugin-chart-echarts): gauge chart enhancements and fixes (@stephenLYZ)
- [#21032](https://github.com/apache/superset/pull/21032) fix(plugin-chart-echarts): invalid total label location for negative values in stacked bar chart (@justinpark)
- [#20962](https://github.com/apache/superset/pull/20962) fix: Explore scrolled down when navigating from dashboard (@kgabryje)
- [#20946](https://github.com/apache/superset/pull/20946) fix(viz): Show zero percent changes in Big Number Viz (@Antonio-RiveroMartnez)
- [#20819](https://github.com/apache/superset/pull/20819) fix: Temporal X Axis values are not properly displayed if the time column has a custom label defined (@diegomedina248)
- [#20736](https://github.com/apache/superset/pull/20736) fix: getting default value in run-server.sh (@zhaoyongjie)
- [#20733](https://github.com/apache/superset/pull/20733) fix(docker): Make Gunicorn max_requests and max_requests_jitter adjustable (@mdeshmu)
- [#20714](https://github.com/apache/superset/pull/20714) fix: logger message (@betodealmeida)

**Others**

- [#21811](https://github.com/apache/superset/pull/21811) chore(sqla): refactor query utils (@villebro)
- [#21811](https://github.com/apache/superset/pull/21811) chore(sqla): refactor query utils (@villebro)
- [#20644](https://github.com/apache/superset/pull/20644) chore(deps): bump moment from 2.29.2 to 2.29.4 in /superset-frontend (@dependabot[bot])
- [#21721](https://github.com/apache/superset/pull/21721) build: changelog for 2.0.1 (@AAfghahi)
- [#21018](https://github.com/apache/superset/pull/21018) perf: Memoize the common_bootstrap_payload (@bkyryliuk)
- [#21091](https://github.com/apache/superset/pull/21091) chore(deps): unpin holidays dependency version (@ecederstrand)

### 2.0.0 (Tue Jun 28 08:53:02 2022 -0400)

**Database Migrations**
Expand Down Expand Up @@ -520,6 +584,32 @@ under the License.
- [#19016](https://github.com/apache/superset/pull/19016) chore: Adding PR to Updating.md (@AAfghahi)
- [#18970](https://github.com/apache/superset/pull/18970) chore: Change Dataset legacy editor flag to true (@AAfghahi)

### 1.5.3 (Thu Jan 5 15:05:44 2023 -0500)

**Database Migrations**

**Features**

**Fixes**

- [#21895](https://github.com/apache/superset/pull/21895) fix: Improves SafeMarkdown HTML sanitization (@michael-s-molina)
- [#21874](https://github.com/apache/superset/pull/21874) fix: Adds a Content Security Policy (CSP) check for production environments (@michael-s-molina)
- [#21853](https://github.com/apache/superset/pull/21853) fix: Disables HTML rendering in Toast by default (@michael-s-molina)
- [#22591](https://github.com/apache/superset/pull/22591) fix: Talisman configuration (@michael-s-molina)
- [#22196](https://github.com/apache/superset/pull/22196) fix(reports): force data generation in csv reports (@mayurnewase)
- [#22038](https://github.com/apache/superset/pull/22038) fix: datasource save, improve data validation (@dpgaspar)
- [#22022](https://github.com/apache/superset/pull/22022) fix: deprecate approve and request_access endpoint (@dpgaspar)
- [#21964](https://github.com/apache/superset/pull/21964) fix: dashboard api cache decorator (@dpgaspar)
- [#21875](https://github.com/apache/superset/pull/21875) fix: check that imports are ZIPs (@betodealmeida)
- [#21761](https://github.com/apache/superset/pull/21761) fix: flash message on database data upload forms (@dpgaspar)
- [#21759](https://github.com/apache/superset/pull/21759) fix: database schema selector on import data (@dpgaspar)
- [#21729](https://github.com/apache/superset/pull/21729) fix: allow adhoc columns in non-aggregate query (@mayurnewase)
- [#21216](https://github.com/apache/superset/pull/21216) fix(database-list): hide upload file button if no permission (@stephenLYZ)

**Others**

- [#21811](https://github.com/apache/superset/pull/21811) chore(sqla): refactor query utils (@villebro)

### 1.5.2 (Wed Sep 14 17:11:51 2022 +0530)

**Fixes**
Expand Down
2 changes: 1 addition & 1 deletion CODE_OF_CONDUCT.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,7 @@ This statement thanks the following, on which it draws for content and inspirati

# Slack Community Guidelines

If you decide to join the [Community Slack](https://join.slack.com/t/apache-superset/shared_invite/zt-1jp6hjzrq-H0PlFtToyLWuPiJDuRWCNw), please adhere to the following rules:
If you decide to join the [Community Slack](http://bit.ly/join-superset-slack), please adhere to the following rules:

**1. Treat everyone in the community with respect.**

Expand Down
17 changes: 11 additions & 6 deletions CONTRIBUTING.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,9 @@ little bit helps, and credit will always be given.
- [Revert Guidelines](#revert-guidelines)
- [Setup Local Environment for Development](#setup-local-environment-for-development)
- [Documentation](#documentation)
- [Images](#images)
- [Local Development](#local-development)
- [Build](#build)
- [Deployment](#deployment)
- [Flask server](#flask-server)
- [OS Dependencies](#os-dependencies)
- [Dependencies](#dependencies)
Expand Down Expand Up @@ -124,7 +126,7 @@ Here's a list of repositories that contain Superset-related packages:

## Types of Contributions

### Report Bug
### Report a Bug

The best way to report a bug is to file an issue on GitHub. Please include:

Expand All @@ -136,15 +138,17 @@ The best way to report a bug is to file an issue on GitHub. Please include:
When posting Python stack traces, please quote them using
[Markdown blocks](https://help.github.com/articles/creating-and-highlighting-code-blocks/).

_Please note that feature requests opened as Github Issues will be moved to Discussions._

### Submit Ideas or Feature Requests

The best way is to file an issue on GitHub:
The best way is to start an ["Ideas" Discussion thread](https://github.com/apache/superset/discussions/categories/ideas) on GitHub:

- Explain in detail how it would work.
- Keep the scope as narrow as possible, to make it easier to implement.
- Remember that this is a volunteer-driven project, and that contributions are welcome :)
- Remember that this is a volunteer-driven project, and that your contributions are as welcome as anyone's :)

For large features or major changes to codebase, please create **Superset Improvement Proposal (SIP)**. See template from [SIP-0](https://github.com/apache/superset/issues/5602)
To propose large features or major changes to codebase, and help usher in those changes, please create a **Superset Improvement Proposal (SIP)**. See template from [SIP-0](https://github.com/apache/superset/issues/5602)

### Fix Bugs

Expand Down Expand Up @@ -1293,7 +1297,7 @@ To do this, you'll need to:
- Start up a celery worker
```shell script
celery --app=superset.tasks.celery_app:app worker -Ofair
celery --app=superset.tasks.celery_app:app worker -O fair
```
Note that:
Expand Down Expand Up @@ -1323,6 +1327,7 @@ The following configuration settings are available for async queries (see config
- `GLOBAL_ASYNC_QUERIES_REDIS_STREAM_LIMIT_FIREHOSE` - the maximum number of events for all users (FIFO eviction)
- `GLOBAL_ASYNC_QUERIES_JWT_COOKIE_NAME` - the async query feature uses a [JWT](https://tools.ietf.org/html/rfc7519) cookie for authentication, this setting is the cookie's name
- `GLOBAL_ASYNC_QUERIES_JWT_COOKIE_SECURE` - JWT cookie secure option
- `GLOBAL_ASYNC_QUERIES_JWT_COOKIE_SAMESITE` - JWT cookie same site option
- `GLOBAL_ASYNC_QUERIES_JWT_COOKIE_DOMAIN` - JWT cookie domain option ([see docs for set_cookie](https://tedboy.github.io/flask/interface_api.response_object.html#flask.Response.set_cookie))
- `GLOBAL_ASYNC_QUERIES_JWT_SECRET` - JWT's use a secret key to sign and validate the contents. This value should be at least 32 bytes and have sufficient randomness for proper security
- `GLOBAL_ASYNC_QUERIES_TRANSPORT` - available options: "polling" (HTTP, default), "ws" (WebSocket, requires running superset-websocket server)
Expand Down
Loading

0 comments on commit 7b7c6c4

Please sign in to comment.