diff --git a/docs/admin_docs/configuration/importing-exporting-datasources.mdx b/docs/admin_docs/configuration/importing-exporting-datasources.mdx index dadc5e0d4a7..6fc7ceea9ff 100644 --- a/docs/admin_docs/configuration/importing-exporting-datasources.mdx +++ b/docs/admin_docs/configuration/importing-exporting-datasources.mdx @@ -30,6 +30,10 @@ Superset's ZIP-based import/export also covers **dashboards**, **charts**, and * | └── ... (more databases) ``` +:::note +When you export a database connection, the `masked_encrypted_extra` field (used for sensitive connection parameters such as service account JSON, OAuth tokens, and other encrypted credentials) is included in the export. When importing on another instance, these values are decrypted and re-encrypted using the destination instance's `SECRET_KEY`. Ensure the receiving instance has a valid `SECRET_KEY` configured before importing. +::: + ## Exporting Datasources to YAML You can print your current datasources to stdout by running: diff --git a/docs/admin_docs/security/security.mdx b/docs/admin_docs/security/security.mdx index 540ea54b959..58283be3038 100644 --- a/docs/admin_docs/security/security.mdx +++ b/docs/admin_docs/security/security.mdx @@ -183,6 +183,8 @@ However, it is crucial to understand the following: By combining Superset's configurable safeguards with strong database-level security practices, you can achieve a more robust and layered security posture. +**Dataset Sample Access**: The `get_samples()` endpoint now enforces datasource-level access control. Users can only fetch sample rows from datasets they have been explicitly granted access to — the same permission check applied when running chart queries. This closes a prior gap where unauthenticated or under-privileged access could retrieve sample data. + ### REST API for user & role management Flask-AppBuilder supports a REST API for user CRUD, diff --git a/docs/developer_docs/contributing/development-setup.md b/docs/developer_docs/contributing/development-setup.md index dc1e9c4ed17..07d07eebb2b 100644 --- a/docs/developer_docs/contributing/development-setup.md +++ b/docs/developer_docs/contributing/development-setup.md @@ -485,7 +485,7 @@ Frontend assets (TypeScript, JavaScript, CSS, and images) must be compiled in or First, be sure you are using the following versions of Node.js and npm: -- `Node.js`: Version 20 +- `Node.js`: Version 22 (LTS) - `npm`: Version 10 We recommend using [nvm](https://github.com/nvm-sh/nvm) to manage your node environment: diff --git a/docs/docs/using-superset/exploring-data.mdx b/docs/docs/using-superset/exploring-data.mdx index 8d83a0c2c63..77a11a3f292 100644 --- a/docs/docs/using-superset/exploring-data.mdx +++ b/docs/docs/using-superset/exploring-data.mdx @@ -329,6 +329,15 @@ various options in this section, refer to the Lastly, save your chart as Tutorial Resample and add it to the Tutorial Dashboard. Go to the tutorial dashboard to see the four charts side by side and compare the different outputs. +### Time Range Natural Language Expressions + +The **Custom** time range picker accepts natural language expressions alongside specific dates. Superset supports a range of expressions including: + +- Relative: `Last 7 days`, `Last month`, `Last quarter`, `Last year` +- Anchored: `previous calendar week`, `previous calendar month` +- "First of" expressions: `first day of this week`, `first day of this month`, `first day of this quarter`, `first day of this year`, `first week of this year` +- Offsets: `30 days ago`, `1 year ago`, `next week` + ### SQL Lab Tips **Schema and table browser**: The left-side table browser uses a collapsible treeview — click a schema to expand its tables, and click a table to see its columns and sample data inline. This makes navigating large schemas much faster than the previous flat list.