Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: refuse to start with default secret on non debug envs #23186

Merged
merged 6 commits into from
Mar 1, 2023

Conversation

dpgaspar
Copy link
Member

@dpgaspar dpgaspar commented Feb 24, 2023

SUMMARY

Impose harsher measures when a default SECRET_KEY is identified.
On non development environments on Flask debug mode Superset will refuse to start

BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF

TESTING INSTRUCTIONS

ADDITIONAL INFORMATION

  • Has associated issue:
  • Required feature flags:
  • Changes UI
  • Includes DB Migration (follow approval process in SIP-59)
    • Migration is atomic, supports rollback & is backwards-compatible
    • Confirm DB migration upgrade and downgrade tested
    • Runtime estimates and downtime expectations provided
  • Introduces new feature or API
  • Removes existing feature or API

@codecov
Copy link

codecov bot commented Feb 24, 2023

Codecov Report

Merging #23186 (96ff56e) into master (89576f8) will decrease coverage by 0.01%.
The diff coverage is 72.72%.

❗ Current head 96ff56e differs from pull request most recent head 9edf0c4. Consider uploading reports for the commit 9edf0c4 to get more accurate results

@@            Coverage Diff             @@
##           master   #23186      +/-   ##
==========================================
- Coverage   67.51%   67.51%   -0.01%     
==========================================
  Files        1899     1899              
  Lines       72990    72999       +9     
  Branches     7899     7899              
==========================================
+ Hits        49276    49282       +6     
- Misses      21689    21692       +3     
  Partials     2025     2025              
Flag Coverage Δ
hive 52.86% <72.72%> (+<0.01%) ⬆️
mysql 78.48% <72.72%> (-0.01%) ⬇️
postgres 78.54% <72.72%> (-0.01%) ⬇️
presto 52.77% <72.72%> (+<0.01%) ⬆️
python 82.33% <72.72%> (-0.01%) ⬇️
sqlite 77.02% <72.72%> (-0.01%) ⬇️
unit 52.61% <72.72%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
superset/initialization/__init__.py 91.38% <70.00%> (-0.71%) ⬇️
superset/config.py 91.78% <100.00%> (ø)

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

Copy link
Member

@villebro villebro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@pull-request-size pull-request-size bot added size/M and removed size/S labels Feb 24, 2023
UPDATING.md Show resolved Hide resolved
@dpgaspar dpgaspar requested a review from eschutho February 24, 2023 17:37
@eschutho eschutho added the v2.1 label Feb 27, 2023
@dpgaspar dpgaspar merged commit b180319 into apache:master Mar 1, 2023
@dpgaspar dpgaspar deleted the fix/secret-key-crash-default branch March 1, 2023 11:21
lilykuang pushed a commit that referenced this pull request Mar 8, 2023
eschutho pushed a commit that referenced this pull request Mar 13, 2023
sebastiankruk added a commit to sebastiankruk/superset that referenced this pull request Mar 16, 2023
* feat: add ssh tunneling to dynamic form for Database Connection UI (apache#22689)

Co-authored-by: Antonio Rivero Martinez <38889534+Antonio-RiveroMartnez@users.noreply.github.com>
Co-authored-by: Antonio Rivero <antonioriverocode@gmail.com>
Co-authored-by: Elizabeth Thompson <eschutho@gmail.com>
Co-authored-by: Lyndsi Kay Williams <55605634+lyndsiWilliams@users.noreply.github.com>

* chore(dashboard): Log events for download as image (apache#22793)

* docs: link docker readme in docker config section (apache#22796)

* chore: Add explicit bidirectional performant relationships for SQLA model (apache#22413)

* fix: better logic to extract errors on databricks (apache#22792)

* fix(hive): Regression in apache#21794 (apache#22794)

* fix: Unexpected error on simple filter (apache#22814)

* feat(docker): Build multiple python version images (apache#22770)

Co-authored-by: Daniel Draper <daniel.draper@understand.ai>

* fix: allow CSV upload in Other db (apache#22807)

* chore: Convert direct uses of antd icons to 'Icons' component (apache#22516)

* fix(sqllab): type error on renderBigIntStr (apache#22813)

* chore: upgrade react-datetime, react-intersection-observer and react-checkbox-tree  (apache#22585)

* feat(helm): Add ability to customize affinity per deployment (apache#22827)

* chore(issue templates): discouraging Issues for feature requests (apache#22617)

* docs(alerts & reports): add, prune, reorganize (apache#20872)

* chore(tests): Streamline Cypress login to fix fails/flakes (apache#22844)

* feat: export/import `allow_dml` flag (apache#22806)

* chore: Migrate /superset/recent_activity/<user_id>/ to /api/v1/ (apache#22789)

* test: Fix act errors in DatasourceControl test (apache#22845)

* test: Fix act errors in DatabaseModal test (apache#22846)

* feat: Move cross filters to Dashboard (apache#22785)

* fix(cpq): Add `schema` to Query.data() payload (apache#22791)

* fix(Annotation Layers): Error when render options with renamed columns (apache#22453)

* build(deps-dev): bump @typescript-eslint/eslint-plugin from 5.48.2 to 5.49.0 in /superset-websocket (apache#22838)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(misc): Spelling (apache#19678)

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>

* build(deps): bump ua-parser-js from 0.7.31 to 0.7.33 in /docs (apache#22858)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(cache): update doc strings (apache#22865)

* chore: migrate react-diff-viewer to react-diff-viewer-continued for react 18 upgrade (apache#22834)

* chore: upgrade react-table for react 18 upgrade (apache#22780)

* chore: upgrade react-reverse-portal for react upgrade (apache#22779)

* chore: removing unnecessary double spaces, a.k.a. "shotgun holes" (apache#22852)

* fix: Convert TIMESTAMP_* to TIMESTAMP in Snowflake (apache#22872)

* fix(sqllab): reverts apache#22695 (apache#22861)

* feat(ssh_tunnel): Add feature flag to SSH Tunnel API (apache#22805)

* fix: revert RESTful apis and react view for RLS (apache#22818)

* chore: deprecate /superset/slice_json/<int:slice_id> and /superset/annotation_json/<int:layer_id> (apache#22496)

* chore: add statsd support to base API and refactor (apache#22887)

* chore: Migrate /superset/queries/<last_updated_ms> to API v1 (apache#22611)

* docs: add Skyscanner to users list (apache#22888)

Co-authored-by: Calum <calum.leslie@skyscanner.net>

* feat: Add excel export (apache#22006)

Co-authored-by: Igor Șincariov <igorsinc@pm.me>
Co-authored-by: EugeneTorap <evgenykrutpro@gmail.com>

* build(deps): bump moment from 2.29.2 to 2.29.4 in /docs (apache#22891)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump underscore from 1.12.0 to 1.12.1 in /superset-frontend (apache#22892)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: deprecate /superset/filter/... endpoint, migrate to apiv1 (apache#22882)

* fix: bump isort to fix pre-commit CI (apache#22907)

* chore: migrate /sql_json and /results to apiv1 (apache#22809)

* chore: Localization of superset pt. 2 (apache#22772)

* fix: edit pyarrow stringify to better handle emojis and accents (apache#22881)

* fix(sqllab): inconsistent addNewQueryEditor behavior (apache#21999)

* fix(i18n): greatly optimize Chinese translation (apache#22036)

* chore: skip puppeteer chromium download (apache#22623)

* fix(dependency): update cryptography import (apache#22744)

Co-authored-by: Daniel Draper <daniel.draper@understand.ai>

* feat: add pyproject.toml file to project (apache#20291)

* chore(db_engine_specs): clean up column spec logic and add tests (apache#22871)

* feat: Adds the ECharts Sunburst chart (apache#22833)

* fix: Time range filter applied on a dashboard is not persisting to the chart explore (apache#22920)

* fix(fab): Fix regression on FAB dropdowns (apache#22889)

* chore: migrate @vx/responsive to @visx/responsive for react 18 upgrade (apache#22815)

* fix: fix warning in ssh tunnel (apache#22912)

* chore: upgrade packages for react v17 upgrade (apache#22914)

* chore: upgrade react-router-dom to 5.3.4 (apache#22878)

* build(deps-dev): bump eslint from 8.32.0 to 8.33.0 in /superset-websocket (apache#22902)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(helm): Make Chart.AppVersion default value for image tag (apache#22854)

* chore: Migrate /superset/tables/* to API v1 (apache#22501)

* fix(native-filters): Ensure that time range filter loses focus after closing modal (apache#22937)

* fix: Remove button is broken for metrics on Explore (apache#22940)

* feat: Enable new dataset creation flow II (apache#22835)

* fix(datasets): Fix property selection on JSON response (apache#22944)

* fix: Improve performance of CSV download (apache#22929)

* test: Clean up AdhocFilterOption test warnings (apache#22915)

* chore: Bump Flask-AppBuilder constraints (apache#22927)

* chore(welcome): change default last tab to "all" (apache#22798)

* fix(explore): Time comparison in Mixed Chart in GENERIC_CHART_AXES not working (apache#22945)

* chore(superset-ui-chart-controls): refactor pivot and rename operator (apache#22963)

* build(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 in /superset-frontend (apache#22958)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(explore): unable to update linked charts (apache#22896)

* chore(frontend): Spelling (apache#19676)

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>

* chore: add waitress for win32 platform (apache#22935)

* fix(datasets): Include expression and description in duplicated dataset columns (apache#22943)

* feat: add tabs to edit dataset page (apache#22043)

Co-authored-by: AAfghahi <48933336+AAfghahi@users.noreply.github.com>
Co-authored-by: Lyndsi Kay Williams <55605634+lyndsiWilliams@users.noreply.github.com>
Co-authored-by: lyndsiWilliams <kcatgirl@gmail.com>

* docs: add Caizin to the user list (apache#22961)

* test: Fix act errors in DatabaseList test (apache#22970)

* test: Clean up QueryList test warnings (apache#22972)

* fix(native-filters): Don't include description icon in truncation calc (apache#22941)

* fix: Prevents last temporal filter removal (apache#22982)

* fix(explore): Mark time range dashboard filter with warning icon (apache#22984)

* docs(alerts & reports): clarify nature of "-dev" labeled container images (apache#22988)

* chore: bump python version to 3.8.16 in Dockerfile (apache#22934)

* fix: Form data was not being passed to save/update slice (apache#22989)

* feat(ssh_tunnel): SSH Tunnel Switch extension (apache#22967)

* chore: Fix grammar (apache#22831)

* docs: added Orange inside the inthewild.md doc (apache#22986)

* fix: add new config to allow for specific import data urls (apache#22942)

* build(deps): bump pre-commit from 2.20.0 to 3.0.4 in /requirements (apache#22996)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(explore): Save button incorrectly disabled when adding new metric with dnd (apache#23000)

* build(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 in /docs (apache#22956)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: Make cte_alias a property of db engine spec (apache#22947)

* fix(migrations): Flask-Migrate output is not logged during alembic migrations apache#17991 (apache#22991)

* fix(dashboard): export & import chart description and certification details (apache#22471)

* chore: updating link to sandbox.js (apache#23005)

* fix(sqllab): clean unwanted scrollbar (apache#22990)

* chore: Localization of superset pt. 3 (apache#22938)

Co-authored-by: Evan Rusackas <evan@preset.io>

* chore(deps): bump ajv and react-jsonschema-form in /superset-frontend (apache#21809)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump eslint-config-prettier from 7.2.0 to 8.6.0 in /superset-websocket (apache#22767)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 in /superset-frontend/cypress-base (apache#22955)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump @types/node from 18.11.13 to 18.11.19 in /superset-websocket (apache#22997)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(datasets): Populate Usage tab in Edit Dataset view (apache#22670)

* build(deps-dev): bump @typescript-eslint/parser from 5.48.1 to 5.51.0 in /superset-websocket (apache#23013)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump typescript from 4.9.4 to 4.9.5 in /superset-websocket (apache#22933)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(tests): Cypress optimizations to help with fails (apache#23023)

* chore: refactor SliceAdder for react 17 and react 18 (apache#23009)

* fix(explore): Enable saving metric after changing title (apache#23020)

* fix: dataset import error message (apache#23025)

* fix(ssh_tunnel): Fix bug on database edition for databases with ssh tunnels (apache#23006)

Co-authored-by: Lyndsi Kay Williams <55605634+lyndsiWilliams@users.noreply.github.com>

* fix: Handles disabled options on Select All (apache#22830)

* fix(dashboard): Stop updating chart owners for charts removed from dashboard (apache#21720)

Co-authored-by: Michael S. Molina <michael.s.molina@gmail.com>

* docs(teradata): fix connection string (apache#23051)

* fix: Time Column on Generic X-axis (apache#23021)

* fix: Menu items are not disappearing when deleting a dashboard (apache#23039)

* fix(i18n): improve Russian translation (apache#22939)

* fix(sqllab): Invalid schema fetch by deprecated value (apache#22968)

* chore: Removes icon warnings from tests (apache#23054)

* feat(sqllab): Add event logger (apache#23040)

* chore(datasets): Refactor DatasetDAO update to leverage bulk logic for create, update, and delete operations (apache#22957)

* chore: remove db_engines (apache#22444)

* feat(helm): allow persisting nodePort for services (apache#22713)

Signed-off-by: DASTC\gupta_rajan <rajan.gupta@stengg.com>
Co-authored-by: DASTC\gupta_rajan <rajan.gupta@stengg.com>

* build(deps-dev): bump @typescript-eslint/eslint-plugin from 5.49.0 to 5.52.0 in /superset-websocket (apache#23073)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump hot-shots from 9.3.0 to 10.0.0 in /superset-websocket (apache#23031)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump prettier from 2.8.3 to 2.8.4 in /superset-websocket (apache#23030)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump @types/node from 18.11.19 to 18.13.0 in /superset-websocket (apache#23029)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: cache warmup solution non legacy charts. (apache#23012)

* docs: remove duplicate navbar item (apache#22486)

Signed-off-by: tison <wander4096@gmail.com>

* chore: Migrate get_or_create_table endpoint to api v1 (apache#22931)

* chore: Migrate /superset/csv/<client_id> to API v1 (apache#22913)

* fix: css template permissions for gamma role (apache#23083)

* build(deps): bump ws from 8.12.0 to 8.12.1 in /superset-websocket (apache#23080)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump eslint from 8.33.0 to 8.34.0 in /superset-websocket (apache#23079)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(style): make brand icon max width customizable (apache#23081)

* chore: Remove dependency warnings from SqlEditorLeftBar/index.tsx (apache#22975)

* chore: Remove dependency warnings from SqlEditor/index.jsx (apache#22974)

* chore: Remove dependency warnings from DatasetList.tsx (apache#22973)

* test: Convert DatasetList test from jsx to tsx (apache#22971)

* test: Clean up SelectAsyncControl test warnings (apache#22969)

* chore: move dashboard screenshot standalone logic (apache#23003)

* fix: dict bug on QueryContextFactory (apache#23093)

Co-authored-by: ok9897 <ok9897@krafton.com>

* chore: Improve greeting message (apache#23077)

* chore: Updating connection URI for MS SQL Server (apache#22903)

Co-authored-by: Evan Rusackas <evan@preset.io>

* chore: increment statsd as warn (apache#23041)

* fix: removing pyproject.toml (apache#23101)

* chore: change AlertQueryError to 400 (apache#23102)

* fix: missing __init__ on module sqllab commands (apache#23107)

* #21 preparing for linux deployment

* chore(backend): Spelling (apache#19677)

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Evan Rusackas <evan@preset.io>

* chore: Remove yarn.lock from the root folder (apache#23108)

* chore(sqla): Address performance tradeoff with eager loading (apache#23113)

* fix(ci): explicity set yaml Loader (apache#23126)

* fix: Validate jinja rendered query (apache#22851)

* fix: reorganize role permissions (apache#23096)

* fix: gamma sql_json test (apache#23135)

* fix(dashboard): Chart's empty state not centered (apache#23022)

* feat: Frontend tagging (apache#20876)

Co-authored-by: cccs-nik <68961854+cccs-nik@users.noreply.github.com>
Co-authored-by: GITHUB_USERNAME <EMAIL>

* feat: return UUID on database creation (apache#23143)

* chore: Add docs for ssh tunneling (apache#23131)

Co-authored-by: Beto Dealmeida <roberto@dealmeida.net>

* feat: Enable cross fitlers in WorldMap and Graph charts (apache#22886)

* chore: Bump cryptography to 39.0.1 (apache#23158)

* feat(dashboard): Add cross filter from context menu (apache#23141)

* chore: revert "feat(native_filter_migration): add transition mode (apache#16992)" (apache#23144)

* build: Add helm chart option to deploy sidecars with node and worker (apache#23160)

* fix(rbac): show objects accessible by database access perm (apache#23118)

* fix: bump FAB to 4.3.0 (apache#23184)

* fix(clickhouse): add clickhouse connect driver (apache#23185)

* fix(clickhouse): add missing default format (apache#23192)

* feat(ssh_tunnel): Import/Export Databases with SSHTunnel credentials (apache#23099)

* chore: refactor SparklineCell for react 17 and react 18 upgrade (apache#23145)

* fix(ssh_tunnel): Display SSHTunnel Switch when editing a DB that was created with the Dynamic Form (apache#23195)

* fix(sshtunnel): argument params to properly setting `server_port` (apache#23196)

* fix(ssh-tunnel): add password to `from_private_key` function (apache#23175)

* fix: Pagination of VirtualTable (apache#23130)

* fix(dashboard): Focusing charts and native filters from filters badge (apache#23190)

* fix(docs): Change postgres to postgresql in brew install command (apache#23202)

* build(deps-dev): bump @typescript-eslint/parser from 5.51.0 to 5.53.0 in /superset-websocket (apache#23133)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump @types/node from 18.13.0 to 18.14.1 in /superset-websocket (apache#23180)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* test: Remove test playgrounds (apache#23203)

* build(deps-dev): bump @typescript-eslint/eslint-plugin from 5.52.0 to 5.53.0 in /superset-websocket (apache#23132)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump express and @applitools/eyes-cypress in /superset-frontend/cypress-base (apache#22342)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs: fix typo (apache#23207)

* feat: Cross Filters in FilterBar (apache#23138)

Co-authored-by: Kamil Gabryjelski <kamil.gabryjelski@gmail.com>

* fix(dashboard): Page crashing when cross filter applied on adhoc column (apache#23215)

* fix: memoized decorator memory leak (apache#23139)

* build(deps-dev): bump @types/uuid from 9.0.0 to 9.0.1 in /superset-websocket (apache#23152)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump eslint from 8.34.0 to 8.35.0 in /superset-websocket (apache#23211)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: adding code owners for github actions/workflows (apache#23201)

* build(deps): bump ua-parser-js from 0.7.28 to 0.7.33 in /superset-frontend (apache#22859)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump pre-commit from 3.0.4 to 3.1.0 in /requirements (apache#23168)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: add disallowed query params for engines specs (apache#23217)

Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>

* chore: Add statsd logger for ssh tunneling creation (apache#23225)

* fix(dashboard): Don't show cross filters checkbox to users without write permissions (apache#23237)

* docs: update installation docs to include frontend asset build (apache#23199)

* build(deps): bump pip-compile-multi from 2.6.1 to 2.6.2 in /requirements (apache#23122)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(dashboard): Cross-filters not working properly for new dashboards (apache#23194)

* fix: refuse to start with default secret on non debug envs (apache#23186)

* fix(dao): use explicit id filter (apache#23246)

* fix(explore): Dashboard filters on adhoc cols not working in Explore (apache#23239)

* refactor: Organizes the pages in their own folder (apache#23241)

* fix: Video Game Sales dashboard default filters (apache#23242)

* chore: Deprecate show_native_filters (apache#23228)

* chore: Remove the ability to add filter-box charts when DASHBOARD_NATIVE_FILTERS feature is enabled (apache#23142)

* fix(dashboard): Cross-filter search icon in filter bar (apache#23250)

* chore(webdriver): Tuning the Webdriver logging a bit (apache#23255)

* fix: customize tab on heatmap chart is blank (apache#23243)

* fix(dashboard): Missing filter card styles (apache#23256)

* fix: ignore ts warnings from older typescript versions (apache#23262)

* chore(cache): Tuning logging in cache manager (apache#23266)

* fix(dashboard): Charts crashing when cross filter on adhoc column is applied (apache#23238)

Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>

* fix(plugin-chart-echarts): render horizontal categories from top (apache#23273)

* feat(generic-x-axis): add x sorting on series limit metric (apache#23274)

* fix(dashboard): Allow selecting text in cells in Table and PivotTable without triggering cross filters (apache#23283)

* fix(migration): Address issue in apache#23228 (apache#23276)

* chore(dashboard): Cleanup example dashboard filter scopes (apache#23260)

* fix(dashboard): Infinite load when filter with default first value is out of scope (apache#23299)

* fix(clickhouse):  Update to working clickhouse-connect version (apache#23296)

* chore: upgrade @ant-design/icons for react upgrade (apache#22890)

* docs: typo 'admnistrators' in security.mdx (apache#23166)

* build(deps-dev): bump eslint-config-prettier from 8.6.0 to 8.7.0 in /superset-websocket (apache#23292)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump @types/node from 18.14.1 to 18.14.6 in /superset-websocket (apache#23281)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: bump docusaurus to latest stable (apache#23317)

* docs: add lost _filters param docs (apache#23316)

* feat(docs): adds BugHerd to documentation site. (apache#23287)

* chore: log different selenium timeout errors differently (apache#23290)

* docs: improve API v1 migration documentation (apache#23298)

* docs(alerts and reports): Update ExecutorType class (apache#23323)

* build(deps-dev): bump @typescript-eslint/parser from 5.53.0 to 5.54.1 in /superset-websocket (apache#23294)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(dashboard): Refactor FiltersBadge (apache#23286)

* chore: use util test env for init check (apache#23325)

* fix(trino): normalize non-iso timestamps (apache#23339)

* fix(dashboard): Cross filters with time shifted series (apache#23347)

* feat(dashboard): Change default opacity of icon in FiltersBadge (apache#23350)

* fix: dashboard DAO small code improvement (apache#23348)

* chore: Remove Cross Filter scoping modal (apache#23216)

* fix(dashboard): deepmerge htmlSchemaOverrides (apache#23329)

* fix(trino): Disallow alias to source column (apache#23324)

* fix(examples): Cleanup granularity_sqla column (apache#23322)

* fix(sqllab): empty large query results from localStorage (apache#23302)

* chore: Update pre-commit packages (apache#23173)

* fix(safari): remove autocomplete in table select (apache#23361)

* fix(chart-controls): Error if x_axis_sort and timeseries_limit_metric are included in main metrics (apache#23365)

* feat(native-filters): allow cascading from time and numeric filters (apache#23319)

* build(deps-dev): bump @types/node from 18.14.6 to 18.15.3 in /superset-websocket (apache#23360)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(native-filters): Caching scope (apache#23314)

* #56 sync to fix security issues

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Signed-off-by: DASTC\gupta_rajan <rajan.gupta@stengg.com>
Signed-off-by: tison <wander4096@gmail.com>
Co-authored-by: Hugh A. Miles II <hughmil3s@gmail.com>
Co-authored-by: Antonio Rivero Martinez <38889534+Antonio-RiveroMartnez@users.noreply.github.com>
Co-authored-by: Antonio Rivero <antonioriverocode@gmail.com>
Co-authored-by: Elizabeth Thompson <eschutho@gmail.com>
Co-authored-by: Lyndsi Kay Williams <55605634+lyndsiWilliams@users.noreply.github.com>
Co-authored-by: JUST.in DO IT <justin.park@airbnb.com>
Co-authored-by: ʈᵃᵢ <tdupreetan@gmail.com>
Co-authored-by: John Bodley <4567245+john-bodley@users.noreply.github.com>
Co-authored-by: Michael S. Molina <70410625+michael-s-molina@users.noreply.github.com>
Co-authored-by: Daniel Draper <Germandrummer92@gmail.com>
Co-authored-by: Daniel Draper <daniel.draper@understand.ai>
Co-authored-by: Beto Dealmeida <roberto@dealmeida.net>
Co-authored-by: Cody Leff <cody@preset.io>
Co-authored-by: Lily Kuang <lily@preset.io>
Co-authored-by: Sergey Shevchenko <sergeyshevchdevelop@gmail.com>
Co-authored-by: Evan Rusackas <evan@preset.io>
Co-authored-by: Sam Firke <sfirke@users.noreply.github.com>
Co-authored-by: Jack Fragassi <jfragassi98@gmail.com>
Co-authored-by: Geido <60598000+geido@users.noreply.github.com>
Co-authored-by: Stepan <66589759+Always-prog@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Cemre Mengu <cemremengu@gmail.com>
Co-authored-by: Mayur <mayurnewase111@gmail.com>
Co-authored-by: Diego Medina <diegomedina24@gmail.com>
Co-authored-by: Daniel Vaz Gaspar <danielvazgaspar@gmail.com>
Co-authored-by: cleslie <cjaleslie@gmail.com>
Co-authored-by: Calum <calum.leslie@skyscanner.net>
Co-authored-by: Igor Șincariov <102555782+igorsinc@users.noreply.github.com>
Co-authored-by: Igor Șincariov <igorsinc@pm.me>
Co-authored-by: EugeneTorap <evgenykrutpro@gmail.com>
Co-authored-by: Artem Shumeiko <53895552+artemonsh@users.noreply.github.com>
Co-authored-by: 王一川 <wj2247689442@gmail.com>
Co-authored-by: nisheldo <njsheldon@me.com>
Co-authored-by: Leo Schick <67712864+leo-schick@users.noreply.github.com>
Co-authored-by: Ville Brofeldt <33317356+villebro@users.noreply.github.com>
Co-authored-by: Arash Afghahi <48933336+AAfghahi@users.noreply.github.com>
Co-authored-by: Denis Krivenko <dnskrv88@gmail.com>
Co-authored-by: Kamil Gabryjelski <kamil.gabryjelski@gmail.com>
Co-authored-by: Erik Ritter <erik.ritter@airbnb.com>
Co-authored-by: Phillip Kelley-Dotson <pkelleydotson@yahoo.com>
Co-authored-by: lyndsiWilliams <kcatgirl@gmail.com>
Co-authored-by: tejaskatariya <42517374+tejaskatariya@users.noreply.github.com>
Co-authored-by: Adrian <icsu@users.noreply.github.com>
Co-authored-by: alexclavel-ocient <111374753+alexclavel-ocient@users.noreply.github.com>
Co-authored-by: Trey Gilliland <treygilliland3@gmail.com>
Co-authored-by: Michael S. Molina <michael.s.molina@gmail.com>
Co-authored-by: Rajan Gupta <rajan0493@gmail.com>
Co-authored-by: DASTC\gupta_rajan <rajan.gupta@stengg.com>
Co-authored-by: Dheeraj Jaiswal <118437694+dheeraj-jaiswal-lowes@users.noreply.github.com>
Co-authored-by: tison <wander4096@gmail.com>
Co-authored-by: Changhoon Oh <81631424+okayhooni@users.noreply.github.com>
Co-authored-by: ok9897 <ok9897@krafton.com>
Co-authored-by: kuruv <kuruv@users.noreply.github.com>
Co-authored-by: Zef Lin <zef@preset.io>
Co-authored-by: cccs-RyanK <102618419+cccs-RyanK@users.noreply.github.com>
Co-authored-by: cccs-nik <68961854+cccs-nik@users.noreply.github.com>
Co-authored-by: mkramer5454 <52328004+mkramer5454@users.noreply.github.com>
Co-authored-by: Vivek Kumar <49686162+vivekDebugs@users.noreply.github.com>
Co-authored-by: Craig Rueda <craig@craigrueda.com>
Co-authored-by: Geoff Genz <geoff@clickhouse.com>
Co-authored-by: Cameron Gregor <cgregor@securecodewarrior.com>
Co-authored-by: Íñigo Álvaro Sáenz <i.saenz@stuart.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
🏷️ bot A label used by `supersetbot` to keep track of which PR where auto-tagged with release labels size/S v2.0 v2.0.2 v2.1 🍒 2.1.0 🍒 2.1.1 🍒 2.1.2 🍒 2.1.3 🚢 3.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants