QT/superset2
1
0
Fork 0
mirror of https://github.com/apache/superset.git synced 2026-06-11 10:39:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,544 Commits 495 Branches 546 Tags
3dbfbbdefa338d40407dbd7c94b3d199fb0529eb
Commit Graph

1007 Commits

Author SHA1 Message Date
Amin Ghadersohi
7459b5ab40 style: ruff-format auto-format fix 2026-06-10 23:04:53 +00:00
Evan Rusackas
00e3682aaf fix(dashboard): URL-encode native_filters in permalink redirect (#40660) 
Co-authored-by: Claude Code <noreply@anthropic.com>
 2026-06-09 11:37:08 -07:00
Evan Rusackas
a0cf798409 fix(embedded): add Sec-Fetch-Dest defense-in-depth check on the embedded view (#40667) 
Co-authored-by: Claude Code <noreply@anthropic.com>
 2026-06-09 11:08:08 -07:00
Evan Rusackas
065578e48a fix(commands,api): enforce command validation, sanitize export filename/token, set cache TTLs (#40655) 
Co-authored-by: Claude Code <noreply@anthropic.com>
 2026-06-09 10:29:46 -07:00
Evan Rusackas
bf9ad4d2ba fix: set charset via content_type to avoid malformed Content-Type headers (#40658) 
Co-authored-by: Claude Code <noreply@anthropic.com>
 2026-06-09 10:17:44 -07:00
Evan Rusackas
507cf93687 test(dashboard): API-created dashboards should link charts from position_json (#32966) (#40816) 
Co-authored-by: Claude Code <noreply@anthropic.com>
 2026-06-08 10:51:25 -07:00
Evan Rusackas
b85a2cdab1 fix: ODPS (MaxCompute) data source table preview failed (#38174) 
Co-authored-by: zhutong6688 <zhutong66@163.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-06-05 17:57:44 -07:00
Evan Rusackas
6b0d747939 fix: cache warmup using WebDriver for reliable authentication (#38449) 
Co-authored-by: Superset Dev <dev@superset.apache.org>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-05 16:36:30 -07:00
Evan Rusackas
1623ceda73 fix(result_set): preserve JSON/JSONB data as objects instead of strings (#38172) 
Co-authored-by: Claude <noreply@anthropic.com>
 2026-06-05 11:41:40 -07:00
Shaitan
41572dbf9d fix(chart): restrict owner lookup to users with write access (#39304) 
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-03 23:00:31 +01:00
Amin Ghadersohi
001834470b fix(mcp): escape LIKE wildcards in MCP list tool search filters (#40682) 2026-06-03 13:30:05 -04:00
Shaitan
b8a2f925ee fix(views): enforce per-chart access check in legacy form_data endpoint (#40497) 
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
 2026-06-03 12:56:03 +01:00
Shaitan
77c2bed5f7 fix(dashboards): narrow datasets payload to callers with read access (#40396) 
Co-authored-by: Claude Sonnet 4 <noreply@anthropic.com>
 2026-06-03 12:55:57 +01:00
Shaitan
3191b0fdcd fix: apply dashboard access check in related_objects endpoints (#40333) 
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-03 12:55:38 +01:00
Shaitan
f7f50a7977 fix(sqllab): quote CTAS target identifiers and validate tmp_table_name format (#40245) 
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-03 12:55:25 +01:00
Shaitan
725f5ed2a9 fix(api): enforce per-object ownership validation in chart, dataset, and report commands (#39303) 
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-03 12:55:15 +01:00
Evan Rusackas
fa41769a08 fix(embedded): enforce configured allowed domains for postMessage origin (#40629) 
Co-authored-by: Claude Code <noreply@anthropic.com>
 2026-06-02 22:58:30 -07:00
Shaitan
6eaee211aa fix(sqllab): require dataset match for raw query access (#40409) 
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
 2026-06-02 21:50:27 +01:00
Mehmet Salih Yavuz
e2ed989639 fix(reports): skip permalink when dashboard state has no anchor or filters (#40530) 2026-06-02 11:37:30 +03:00
Joe Li
a33fcb0edd feat: add embedded dashboard E2E tests to Playwright CI (#39300) 
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-06-01 09:42:08 -07:00
Shaitan
afc4f3c9b3 fix(database): extend URI blocklist to cover duckdb dialect (#40402) 
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-30 13:26:38 -07:00
Mike Bridge
7e088792b9 test(model): roll back uncommitted ds_col mutations in timestamp-expression tests (#40451) 
Co-authored-by: Mike Bridge <michael.bridge@ext.preset.io>
 2026-05-26 21:17:08 -03:00
Evan Rusackas
b23c65e04f test(charts): regression for last-modified sort order (#27500) (#40231) 
Co-authored-by: Claude Code <noreply@anthropic.com>
 2026-05-20 11:43:19 -07:00
Shaitan
69adecd6a3 fix(reports): enforce server-side recipient on chart/dashboard report subscriptions (#38847) 
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-20 10:36:42 -07:00
Evan Rusackas
53d5c41a72 test(security): regression test for session cookie after logout (#24713) (#40201) 
Co-authored-by: Claude Code <noreply@anthropic.com>
 2026-05-18 07:20:51 -07:00
Evan Rusackas
453f49ce33 test(api): regression test for Admin empty dashboard/chart list (#25890) (#40202) 
Co-authored-by: Claude Code <noreply@anthropic.com>
 2026-05-18 07:20:37 -07:00
Shaitan
407321e394 fix(database): extend shillelagh URI pattern to cover all driver variants (#39995) 
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-15 12:04:34 +01:00
Ville Brofeldt
af4dc3a9aa fix(re-encrypt): handle non-id PKs and make command idempotent (#40079) 2026-05-12 17:59:52 -07:00
Andy
a6ad0bf169 fix(re-encrypt-secrets): use db.Model.metadata to discover encrypted … (#39390) 
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-11 21:16:41 -07:00
Oleg Ovcharuk
d83b0c5ce3 feat: support creating datasets for schema-less databases (#39433) 
Co-authored-by: codeant-ai-for-open-source[bot] <244253245+codeant-ai-for-open-source[bot]@users.noreply.github.com>
 2026-05-11 08:30:13 -04:00
Maxime Beauchemin
68fa8e2733 fix(viz): flatten MultiIndex columns in Time-Series Table for multiple Group By (#37869) 
Co-authored-by: Claude Opus 4 <noreply@anthropic.com>
Co-authored-by: Evan Rusackas <evan@preset.io>
 2026-05-08 16:11:13 -07:00
Vitor Avila
3745e37182 fix(OAuth2): Support OAuth2 exception with legacy endpoint (#39897) 2026-05-05 21:21:48 -03:00
Beto Dealmeida
cb53745d43 feat: semantic layer extension (#37815) 2026-05-05 12:07:46 -04:00
jesperct
d8dd2d99b3 fix(time-comparison): use chart row_limit instead of instance config in offset queries (#39490) 2026-05-01 16:24:59 -07:00
Declan Zhao
49c249c7a9 fix(cache-warmup): add missing dashboard context in DashboardTagsStrategy (#39531) 2026-04-29 21:18:47 -03:00
JUST.in DO IT
54f1e32763 fix(dashboard): escape emoji in position_json before saving to prevent truncation (#39737) 
Co-authored-by: Michael S. Molina <michael.s.molina@gmail.com>
 2026-04-29 10:08:50 -03:00
Michael S. Molina
c4a8b34b11 fix(query-history): enable sorting by Duration column (#39637) 
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-28 08:49:58 -03:00
Beto Dealmeida
edf4d03218 chore: bump rison to 2.0.0 (#39529) 2026-04-24 15:52:42 -04:00
Declan Zhao
4ee3a0fc07 feat(user_info): include Groups in user data payload when include_perms is True and show Groups on user_info page (#39450) 2026-04-22 11:14:59 -07:00
JUST.in DO IT
0b51e9cd5e fix(sqllab): format_sql to apply db dialect by database_id (#39393) 2026-04-16 08:27:51 -03:00
Hugh A. Miles II
b76080e291 feat(security): add granular export controls - Phase 2 + 3 (#38581) 
Co-authored-by: Claude Haiku 4.5 <noreply@anthropic.com>
Co-authored-by: codeant-ai-for-open-source[bot] <244253245+codeant-ai-for-open-source[bot]@users.noreply.github.com>
Co-authored-by: Beto Dealmeida <roberto@dealmeida.net>
Co-authored-by: Daniel Vaz Gaspar <danielvazgaspar@gmail.com>
 2026-04-15 10:24:59 -04:00
Alexandru Soare
ffcc6e8b63 fix(MCP): fix MCP logs (#39159) 2026-04-15 15:57:04 +03:00
Maxime Beauchemin
fa1f12a0b5 fix(explore): replace TableView with virtualized GridTable, add row limit controls, restore sample filters (#39212) 
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-13 08:19:49 -07:00
Shaitan
f49310b8ff fix(sql-lab): apply access check in SqlExecutionResultsCommand (#38952) 
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-09 16:47:15 -04:00
Vitor Avila
c7955a38ef fix: Drill to Detail for Embedded (#39214) 
Co-authored-by: Maxime Beauchemin <maximebeauchemin@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-09 17:01:48 -03:00
Birk Skyum
c49641538d feat: modernize deck.gl and map plugins with MapLibre/Mapbox dual renderer (#38035) 
Co-authored-by: Beto Dealmeida <roberto@dealmeida.net>
 2026-04-08 20:14:59 -04:00
Deadman
4e0890ee1f feat(api): Add filter_dashboard_id parameter to apply dashboard filters to chart/data endpoint (#38638) 
Co-authored-by: Matthew Deadman <matthewdeadman@Matthews-MacBook-Pro-2.local>
Co-authored-by: Matthew Deadman <matthewdeadman@matthews-mbp-2.lan>
Co-authored-by: codeant-ai-for-open-source[bot] <244253245+codeant-ai-for-open-source[bot]@users.noreply.github.com>
 2026-04-08 15:32:46 -07:00
Enzo Martellucci
40387d5daa fix(reports): PUT with empty recipients list does not persist the change (#38711) 2026-03-27 12:54:13 +01:00
Richard Fogaca Nienkotter
9c288d66b5 fix(dataset): add missing currency_code_column to DatasetPostSchema (#38853) 2026-03-26 16:58:04 -03:00
Enzo Martellucci
e088979fbe fix(reports): validate nativeFilters on report create/update and deactivate on dashboard filter deletion (#38715) 2026-03-20 17:20:02 +01:00