QT/superset2
1
0
Fork 0
mirror of https://github.com/apache/superset.git synced 2026-04-27 12:05:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,585 Commits 425 Branches 542 Tags
extensions-security-sandbox
Commit Graph

1392 Commits

Author SHA1 Message Date
Evan Rusackas
4ae0bc9ade feat(extensions): add security trust configuration and signature verification 
Implements a comprehensive security system for Superset extensions:

Backend:
- Add EXTENSIONS_TRUST_CONFIG to superset_config.py for admin control
- Create ExtensionSecurityManager for trust validation and signature verification
- Support Ed25519 signatures for extension manifests
- Integrate trust validation into extension loading pipeline

CLI:
- Add `generate-keys` command for creating Ed25519 signing keypairs
- Add `sign` command and `--sign` option to `bundle` for manifest signing

Frontend:
- Add WASM support to webpack config for QuickJS sandbox
- Update Extension interface with trust-related fields
- ExtensionsManager now uses backend-validated trust levels

Documentation:
- Add Administrator Configuration guide for trust settings
- Add Extension Signing guide for developers
- Update security.md and sandbox.md with cross-references
- Add Security subcategory to sidebar

Tests:
- Add 21 unit tests for trust validation and signature verification

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-07 23:43:07 -08:00
Evan Rusackas
9fabd7f997 docs: show Developer Portal in global navigation (#37313) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-22 09:41:07 -08:00
dependabot[bot]
7888da9e30 chore(deps): bump lodash from 4.17.21 to 4.17.23 in /docs (#37346) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-21 20:25:30 -08:00
dependabot[bot]
5e7fe81cfa chore(deps-dev): bump prettier from 3.8.0 to 3.8.1 in /docs (#37329) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-21 15:07:48 -08:00
Evan Rusackas
996e0e1e7a fix(docs): remove broken /docs/databases redirect to nonexistent path (#37316) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-21 14:08:12 -08:00
Evan Rusackas
d2907b2577 docs: federate scattered markdown files into centralized docs (#36756) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-21 13:00:54 -08:00
Evan Rusackas
dee063a4c5 feat(examples): Modernize example data loading with Parquet and YAML configs (#36538) 
Co-authored-by: Claude <noreply@anthropic.com>
 2026-01-21 12:42:15 -08:00
dependabot[bot]
10ed60b4c1 chore(deps): bump caniuse-lite from 1.0.30001764 to 1.0.30001765 in /docs (#37238) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-21 11:00:48 -08:00
Evan Rusackas
b460ca94c6 feat(docs): auto-generate database documentation from lib.py (#36805) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-21 10:54:01 -08:00
dependabot[bot]
13013bbd64 chore(deps-dev): bump typescript-eslint from 8.53.0 to 8.53.1 in /docs (#37272) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-21 23:10:41 +07:00
dependabot[bot]
3fa7dba094 chore(deps): bump diff from 5.2.0 to 5.2.2 in /docs (#37291) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-21 22:09:15 +07:00
dependabot[bot]
2267b78a10 chore(deps): bump antd from 6.2.0 to 6.2.1 in /docs (#37301) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-21 20:57:43 +07:00
dependabot[bot]
f69cd43bd0 chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 in /docs (#37153) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-15 14:00:58 -08:00
dependabot[bot]
4c267b7ee2 chore(deps-dev): bump prettier from 3.7.4 to 3.8.0 in /docs (#37152) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-15 13:59:23 -08:00
Türker Ziya Ercin
4c01b5c324 docs: Add UserGuiding INTHEWILD.yaml (#37030) 2026-01-14 12:05:46 -08:00
dependabot[bot]
4f3403b134 chore(deps): bump antd from 6.1.2 to 6.2.0 in /docs (#37079) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-13 13:41:41 -08:00
SakshiiRohida
0c490dc1ab docs(exploring-data): add overview to tutorial (#37028) 
Co-authored-by: Evan Rusackas <evan@preset.io>
 2026-01-13 10:47:04 -08:00
Türker Ziya Ercin
1166df3579 docs(inthewild): Dark mode issues on InTheWild page (#37034) 2026-01-13 10:46:37 -08:00
dependabot[bot]
6c75365427 chore(deps-dev): bump typescript-eslint from 8.52.0 to 8.53.0 in /docs (#37076) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-13 10:24:07 -08:00
Pere Gomila
462fffc23c fix(docs): Update references from LLMS.md to AGENTS.md (#37060) 2026-01-12 12:25:39 -08:00
dependabot[bot]
adb575be2f chore(deps-dev): bump typescript-eslint from 8.50.1 to 8.52.0 in /docs (#36913) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-12 11:00:31 -08:00
dependabot[bot]
4fe2085596 chore(deps): bump caniuse-lite from 1.0.30001763 to 1.0.30001764 in /docs (#37049) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-12 10:52:13 -08:00
dependabot[bot]
413dfc98ff chore(deps): bump @storybook/addon-docs from 8.6.14 to 8.6.15 in /docs (#36824) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-08 21:45:58 -08:00
dependabot[bot]
57f8f50292 chore(deps-dev): bump @typescript-eslint/eslint-plugin from 8.50.1 to 8.51.0 in /docs (#36898) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-08 21:45:34 -08:00
dependabot[bot]
734d64081f chore(deps): bump caniuse-lite from 1.0.30001762 to 1.0.30001763 in /docs (#36970) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-08 21:42:57 -08:00
dependabot[bot]
77ebc5ac10 chore(deps-dev): bump @typescript-eslint/parser from 8.51.0 to 8.52.0 in /docs (#36918) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-08 11:38:57 -08:00
hlyda0601
16e046b5d9 docs(INTHEWILD): add HOLLYLAND猛玛 (#36968) 2026-01-08 13:47:28 -05:00
Jeroen Habets
03caa7b337 docs(INTHEWILD): add Cirrus Assessment (#36871) 
Co-authored-by: Evan Rusackas <evan@preset.io>
 2026-01-07 13:53:09 -08:00
Pat Buxton
6f67b05375 chore: Update INTHEWILD.yaml for PlaidCloud (#36741) 2026-01-07 11:44:34 -08:00
Evan Rusackas
f9be2b816a feat(docs): add resources admonition with external links (#36761) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-07 11:11:53 -08:00
Michael S. Molina
7a5441bc7a refactor: Remove unimplemented APIs from @apache-superset/core (#36952) 2026-01-07 14:17:06 -03:00
Evan Rusackas
aaa174f820 docs: add Netlify configuration for PR deploy previews (#36908) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-06 10:52:12 -08:00
Evan Rusackas
1949d1bb96 feat(dev): add make ports and make open commands (#36906) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-06 10:52:00 -08:00
Evan Rusackas
5909e90081 feat(security): add built-in Public role for anonymous dashboard access (#36548) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-05 10:27:10 -08:00
Đỗ Trọng Hải
2080633e57 other: resolve frontend dep vulns (#36820) 
Signed-off-by: hainenber <dotronghai96@gmail.com>
 2026-01-02 23:28:44 -08:00
dependabot[bot]
53fa65fe67 chore(deps): bump caniuse-lite from 1.0.30001761 to 1.0.30001762 in /docs (#36865) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-02 23:19:04 -08:00
dependabot[bot]
fdef8fa50a chore(deps-dev): bump @typescript-eslint/parser from 8.50.1 to 8.51.0 in /docs (#36866) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-02 23:18:50 -08:00
İbrahim Ercan
1334040fd6 chore(docs): Include VLMedia logo to intothewild (#36868) 
Co-authored-by: Ibrahim Ercan <ibrahim.ercan@vlmedia.com.tr>
 2026-01-02 23:18:31 -08:00
dependabot[bot]
4451e8db05 chore(deps): bump qs from 6.14.0 to 6.14.1 in /docs (#36884) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-02 23:10:08 -08:00
dependabot[bot]
1b1be96274 chore(deps-dev): bump globals from 16.5.0 to 17.0.0 in /docs (#36886) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-02 23:09:22 -08:00
dependabot[bot]
1697cf733b chore(deps): bump antd from 6.1.1 to 6.1.2 in /docs (#36823) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-27 20:42:16 -08:00
dependabot[bot]
bf5070471d chore(deps): bump storybook from 8.6.14 to 8.6.15 in /docs (#36727) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-23 15:20:39 -08:00
dependabot[bot]
fd67d3190a chore(deps-dev): bump typescript-eslint from 8.50.0 to 8.50.1 in /docs (#36801) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-23 15:19:30 -08:00
Michael S. Molina
ba8d6eb9ac docs: Adds a new "Dependencies" page to the Developer Portal (#36817) 2025-12-23 10:41:10 -08:00
Michael S. Molina
9e04c3471d docs: Add SQL Lab Result Stats to community extensions registry (#36796) 2025-12-23 10:39:47 -08:00
Michael S. Molina
8f8fe19e3e docs: Add SQL Snippets to community extensions registry (#36797) 2025-12-23 14:52:09 -03:00
Michael S. Molina
ff3dab9b3b docs: Add Query Estimator to community extensions registry (#36814) 2025-12-23 14:25:45 -03:00
dependabot[bot]
5cd8e1e736 chore(deps): bump caniuse-lite from 1.0.30001760 to 1.0.30001761 in /docs (#36757) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-20 20:55:21 -08:00
dependabot[bot]
0ced20457b chore(deps-dev): bump webpack from 5.104.0 to 5.104.1 in /docs (#36758) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-20 20:55:01 -08:00
Michael S. Molina
ae491aee00 docs: Add SQL Lab Query Comparison to community extensions registry (#36769) 2025-12-19 16:55:16 -03:00