fix(docker): bind webpack dev server to all interfaces

Change WEBPACK_DEVSERVER_HOST from 127.0.0.1 to 0.0.0.0 to make the
frontend accessible from outside the Docker container. This fixes an
issue where the frontend was only accessible from inside the container.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

.asf.yaml

@@ -83,7 +83,6 @@ github:
           - cypress-matrix (5, chrome)
           - dependency-review
           - frontend-build
-          - playwright-tests (chromium)
           - pre-commit (current)
           - pre-commit (previous)
           - test-mysql

.claude/commands/js-to-ts.md

@@ -1,10 +0,0 @@
-# JavaScript to TypeScript Migration Command
-
-## Usage
-```
-/js-to-ts <core-filename>
-```
-- `<core-filename>` - Path to CORE file relative to `superset-frontend/` (e.g., `src/utils/common.js`, `src/middleware/loggerMiddleware.js`)
-
-## Agent Instructions
-**See:** [../projects/js-to-ts/AGENT.md](../projects/js-to-ts/AGENT.md) for complete migration guide.

.claude/projects/js-to-ts/AGENT.md

@@ -1,684 +0,0 @@
-# JavaScript to TypeScript Migration Agent Guide
-
-**Complete technical reference for converting JavaScript/JSX files to TypeScript/TSX in Apache Superset frontend.**
-
-**Agent Role:** Atomic migration unit - migrate the core file + ALL related tests/mocks as one cohesive unit. Use `git mv` to preserve history, NO `git commit`. NO global import changes. Report results upon completion.
-
----
-
-## 🎯 Migration Principles
-
-1. **Atomic migration units** - Core file + all related tests/mocks migrate together
-2. **Zero `any` types** - Use proper TypeScript throughout
-3. **Leverage existing types** - Reuse established definitions
-4. **Type inheritance** - Derivatives extend base component types
-5. **Strategic placement** - File types for maximum discoverability
-6. **Surgical improvements** - Enhance existing types during migration
-
----
-
-## Step 0: Dependency Check (MANDATORY)
-
-**Command:**
-```bash
-grep -E "from '\.\./.*\.jsx?'|from '\./.*\.jsx?'|from 'src/.*\.jsx?'" superset-frontend/{filename}
-```
-
-**Decision:**
-- ✅ No matches → Proceed with atomic migration (core + tests + mocks)
-- ❌ Matches found → EXIT with dependency report (see format below)
-
----
-
-## Step 1: Identify Related Files (REQUIRED)
-
-**Atomic Migration Scope:**
-For core file `src/utils/example.js`, also migrate:
-- `src/utils/example.test.js` / `src/utils/example.test.jsx`
-- `src/utils/example.spec.js` / `src/utils/example.spec.jsx`
-- `src/utils/__mocks__/example.js`
-- Any other related test/mock files found by pattern matching
-
-**Find all related test and mock files:**
-```bash
-# Pattern-based search for related files
-basename=$(basename {filename} .js)
-dirname=$(dirname superset-frontend/{filename})
-
-# Find test files
-find "$dirname" -name "${basename}.test.js" -o -name "${basename}.test.jsx"
-find "$dirname" -name "${basename}.spec.js" -o -name "${basename}.spec.jsx"
-
-# Find mock files  
-find "$dirname" -name "__mocks__/${basename}.js"
-find "$dirname" -name "${basename}.mock.js"
-```
-
-**Migration Requirement:** All discovered related files MUST be migrated together as one atomic unit.
-
-**Test File Creation:** If NO test files exist for the core file, CREATE a minimal test file using the following pattern:
-- Location: Same directory as core file
-- Name: `{basename}.test.ts` (e.g., `DebouncedMessageQueue.test.ts`)
-- Content: Basic test structure importing and testing the main functionality
-- Use proper TypeScript types in test file
-
----
-
-## 🗺️ Type Reference Map
-
-### From `@superset-ui/core`
-```typescript
-// Data & Query
-QueryFormData, QueryData, JsonObject, AnnotationData, AdhocMetric
-LatestQueryFormData, GenericDataType, DatasourceType, ExtraFormData
-DataMaskStateWithId, NativeFilterScope, NativeFiltersState, NativeFilterTarget
-
-// UI & Theme  
-FeatureFlagMap, LanguagePack, ColorSchemeConfig, SequentialSchemeConfig
-```
-
-### From `@superset-ui/chart-controls`
-```typescript
-Dataset, ColumnMeta, ControlStateMapping
-```
-
-### From Local Types (`src/types/`)
-```typescript
-// Authentication
-User, UserWithPermissionsAndRoles, BootstrapUser, PermissionsAndRoles
-
-// Dashboard
-Dashboard, DashboardState, DashboardInfo, DashboardLayout, LayoutItem
-ComponentType, ChartConfiguration, ActiveFilters
-
-// Charts
-Chart, ChartState, ChartStatus, ChartLinkedDashboard, Slice, SaveActionType
-
-// Data
-Datasource, Database, Owner, Role
-
-// UI Components
-TagType, FavoriteStatus, Filter, ImportResourceName
-```
-
-### From Domain Types
-```typescript
-// src/dashboard/types.ts
-RootState, ChartsState, DatasourcesState, FilterBarOrientation
-ChartCrossFiltersConfig, ActiveTabs, MenuKeys
-
-// src/explore/types.ts  
-ExplorePageInitialData, ExplorePageState, ExploreResponsePayload, OptionSortType
-
-// src/SqlLab/types.ts
-[SQL Lab specific types]
-```
-
----
-
-## 🏗️ Type Organization Strategy
-
-### Type Placement Hierarchy
-
-1. **Component-Colocated** (90% of cases)
-   ```typescript
-   // Same file as component
-   interface MyComponentProps {
-     title: string;
-     onClick: () => void;
-   }
-   ```
-
-2. **Feature-Shared**
-   ```typescript
-   // src/[domain]/components/[Feature]/types.ts
-   export interface FilterConfiguration {
-     filterId: string;
-     targets: NativeFilterTarget[];
-   }
-   ```
-
-3. **Domain-Wide**
-   ```typescript
-   // src/[domain]/types.ts
-   export interface ExploreFormData extends QueryFormData {
-     viz_type: string;
-   }
-   ```
-
-4. **Global**
-   ```typescript
-   // src/types/[TypeName].ts
-   export interface ApiResponse<T> {
-     result: T;
-     count?: number;
-   }
-   ```
-
-### Type Discovery Commands
-```bash
-# Search existing types before creating
-find superset-frontend/src -name "types.ts" -exec grep -l "[TypeConcept]" {} \;
-grep -r "interface.*Props\|type.*Props" superset-frontend/src/
-```
-
-### Derivative Component Patterns
-
-**Rule:** Components that extend others should extend their type interfaces.
-
-```typescript
-// ✅ Base component type
-interface SelectProps {
-  value: string | number;
-  options: SelectOption[];
-  onChange: (value: string | number) => void;
-  disabled?: boolean;
-}
-
-// ✅ Derivative extends base
-interface ChartSelectProps extends SelectProps {
-  charts: Chart[];
-  onChartSelect: (chart: Chart) => void;
-}
-
-// ✅ Derivative with modified props  
-interface DatabaseSelectProps extends Omit<SelectProps, 'value' | 'onChange'> {
-  value: number;  // Narrowed type
-  onChange: (databaseId: number) => void;  // Specific signature
-}
-```
-
-**Common Patterns:**
-- **Extension:** `extends BaseProps` - adds new props
-- **Omission:** `Omit<BaseProps, 'prop'>` - removes props
-- **Modification:** `Omit<BaseProps, 'prop'> & { prop: NewType }` - changes prop type
-- **Restriction:** Override with narrower types (union → specific)
-
----
-
-## 📋 Migration Recipe
-
-### Step 2: File Conversion
-```bash
-# Use git mv to preserve history
-git mv component.js component.ts
-git mv Component.jsx Component.tsx
-```
-
-### Step 3: Import & Type Setup
-```typescript
-// Import order (enforced by linting)
-import { FC, ReactNode } from 'react';
-import { JsonObject, QueryFormData } from '@superset-ui/core';
-import { Dataset } from '@superset-ui/chart-controls';
-import type { Dashboard } from 'src/types/Dashboard';
-```
-
-### Step 4: Function & Component Typing
-```typescript
-// Functions with proper parameter/return types
-export function processData(
-  data: Dataset[],
-  config: JsonObject
-): ProcessedData[] {
-  // implementation
-}
-
-// Component props with inheritance
-interface ComponentProps extends BaseProps {
-  data: Chart[];
-  onSelect: (id: number) => void;
-}
-
-const Component: FC<ComponentProps> = ({ data, onSelect }) => {
-  // implementation
-};
-```
-
-### Step 5: State & Redux Typing
-```typescript
-// Hooks with specific types
-const [data, setData] = useState<Chart[]>([]);
-const [selected, setSelected] = useState<number | null>(null);
-
-// Redux with existing RootState
-const mapStateToProps = (state: RootState) => ({
-  charts: state.charts,
-  user: state.user,
-});
-```
-
----
-
-## 🧠 Type Debugging Strategies (Real-World Learnings)
-
-### The Evolution of Type Approaches
-When you hit type errors, follow this debugging evolution:
-
-#### 1. ❌ Idealized Union Types (First Attempt)
-```typescript
-// Looks clean but doesn't match reality
-type DatasourceInput = Datasource | QueryEditor;
-```
-**Problem**: Real calling sites pass variations, not exact types.
-
-#### 2. ❌ Overly Precise Types (Second Attempt)
-```typescript
-// Tried to match exact calling signatures
-type DatasourceInput =
-  | IDatasource  // From DatasourcePanel
-  | (QueryEditor & { columns: ColumnMeta[] });  // From SaveQuery
-```
-**Problem**: Too rigid, doesn't handle legacy variations.
-
-#### 3. ✅ Flexible Interface (Final Solution)
-```typescript
-// Captures what the function actually needs
-interface DatasourceInput {
-  name?: string | null;  // Allow null for compatibility
-  datasource_name?: string | null;  // Legacy variations
-  columns?: any[];  // Multiple column types accepted
-  database?: { id?: number };
-  // ... other optional properties
-}
-```
-**Success**: Works with all calling sites, focuses on function needs.
-
-### Type Debugging Process
-1. **Start with compilation errors** - they show exact mismatches
-2. **Examine actual usage** - look at calling sites, not idealized types  
-3. **Build flexible interfaces** - capture what functions need, not rigid contracts
-4. **Iterate based on downstream validation** - let calling sites guide your types
-
----
-
-## 🚨 Anti-Patterns to Avoid
-
-```typescript
-// ❌ Never use any
-const obj: any = {};
-
-// ✅ Use proper types
-const obj: Record<string, JsonObject> = {};
-
-// ❌ Don't recreate base component props
-interface ChartSelectProps {
-  value: string;     // Duplicated from SelectProps
-  onChange: () => void;  // Duplicated from SelectProps
-  charts: Chart[];   // New prop
-}
-
-// ✅ Inherit and extend
-interface ChartSelectProps extends SelectProps {
-  charts: Chart[];   // Only new props
-}
-
-// ❌ Don't create ad-hoc type variations
-interface UserInfo {
-  name: string;
-  email: string;
-}
-
-// ✅ Extend existing types (DRY principle)
-import { User } from 'src/types/bootstrapTypes';
-type UserDisplayInfo = Pick<User, 'firstName' | 'lastName' | 'email'>;
-
-// ❌ Don't create overly rigid unions
-type StrictInput = ExactTypeA | ExactTypeB;
-
-// ✅ Create flexible interfaces for function parameters
-interface FlexibleInput {
-  // Focus on what the function actually needs
-  commonProperty: string;
-  optionalVariations?: any;  // Allow for legacy variations
-}
-```
-
-## 📍 DRY Type Guidelines (WHERE TYPES BELONG)
-
-### Type Placement Rules
-**CRITICAL**: Type variations must live close to where they belong, not scattered across files.
-
-#### ✅ Proper Type Organization
-```typescript
-// ❌ Don't create one-off interfaces in utility files
-// src/utils/datasourceUtils.ts
-interface DatasourceInput { /* custom interface */ }  // Wrong!
-
-// ✅ Use existing types or extend them in their proper domain
-// src/utils/datasourceUtils.ts
-import { IDatasource } from 'src/explore/components/DatasourcePanel';
-import { QueryEditor } from 'src/SqlLab/types';
-
-// Create flexible interface that references existing types
-interface FlexibleDatasourceInput {
-  // Properties that actually exist across variations
-}
-```
-
-#### Type Location Hierarchy
-1. **Domain Types**: `src/{domain}/types.ts` (dashboard, explore, SqlLab)
-2. **Component Types**: Co-located with components  
-3. **Global Types**: `src/types/` directory
-4. **Utility Types**: Only when they truly don't belong elsewhere
-
-#### ✅ DRY Type Patterns
-```typescript
-// ✅ Extend existing domain types
-interface SaveQueryData extends Pick<QueryEditor, 'sql' | 'dbId' | 'catalog'> {
-  columns: ColumnMeta[];  // Add what's needed
-}
-
-// ✅ Create flexible interfaces for cross-domain utilities
-interface CrossDomainInput {
-  // Common properties that exist across different source types
-  name?: string | null;  // Accommodate legacy null values
-  // Only include properties the function actually uses
-}
-```
-
----
-
-## 🎯 PropTypes Auto-Generation (Elegant Approach)
-
-**IMPORTANT**: Superset has `babel-plugin-typescript-to-proptypes` configured to automatically generate PropTypes from TypeScript interfaces. Use this instead of manual PropTypes duplication!
-
-### ❌ Manual PropTypes Duplication (Avoid This)
-```typescript
-export interface MyComponentProps {
-  title: string;
-  count?: number;
-}
-
-// 8+ lines of manual PropTypes duplication 😱
-const propTypes = PropTypes.shape({
-  title: PropTypes.string.isRequired,
-  count: PropTypes.number,
-});
-
-export default propTypes;
-```
-
-### ✅ Auto-Generated PropTypes (Use This)
-```typescript
-import { InferProps } from 'prop-types';
-
-export interface MyComponentProps {
-  title: string;
-  count?: number;
-}
-
-// Single validator function - babel plugin auto-generates PropTypes! ✨
-export default function MyComponentValidator(props: MyComponentProps) {
-  return null; // PropTypes auto-assigned by babel-plugin-typescript-to-proptypes
-}
-
-// Optional: For consumers needing PropTypes type inference
-export type MyComponentPropsInferred = InferProps<typeof MyComponentValidator>;
-```
-
-### Migration Pattern for Type-Only Files
-
-**When migrating type-only files with manual PropTypes:**
-
-1. **Keep the TypeScript interfaces** (single source of truth)
-2. **Replace manual PropTypes** with validator function
-3. **Remove PropTypes imports** and manual shape definitions
-4. **Add InferProps import** if type inference needed
-
-**Example Migration:**
-```typescript
-// Before: 25+ lines with manual PropTypes duplication
-export interface AdhocFilterType { /* ... */ }
-const adhocFilterTypePropTypes = PropTypes.oneOfType([...]);
-
-// After: 3 lines with auto-generation
-export interface AdhocFilterType { /* ... */ }
-export default function AdhocFilterValidator(props: { filter: AdhocFilterType }) {
-  return null; // Auto-generated PropTypes by babel plugin
-}
-```
-
-### Component PropTypes Pattern
-
-**For React components, the babel plugin works automatically:**
-
-```typescript
-interface ComponentProps {
-  title: string;
-  onClick: () => void;
-}
-
-const MyComponent: FC<ComponentProps> = ({ title, onClick }) => {
-  // Component implementation
-};
-
-// PropTypes automatically generated by babel plugin - no manual work needed!
-export default MyComponent;
-```
-
-### Auto-Generation Benefits
-
-- ✅ **Single source of truth**: TypeScript interfaces drive PropTypes
-- ✅ **No duplication**: Eliminate 15-20 lines of manual PropTypes code
-- ✅ **Automatic updates**: Changes to TypeScript automatically update PropTypes
-- ✅ **Type safety**: Compile-time checking ensures PropTypes match interfaces
-- ✅ **Backward compatibility**: Existing JavaScript components continue working
-
-### Babel Plugin Configuration
-
-The plugin is already configured in `babel.config.js`:
-```javascript
-['babel-plugin-typescript-to-proptypes', { loose: true }]
-```
-
-**No additional setup required** - just use TypeScript interfaces and the plugin handles the rest!
-
----
-
-## 🧪 Test File Migration Patterns
-
-### Test File Priority
-- **Always migrate test files** alongside production files
-- **Test files are often leaf nodes** - good starting candidates
-- **Create tests if missing** - Leverage new TypeScript types for better test coverage
-
-### Test-Specific Type Patterns
-```typescript
-// Mock interfaces for testing
-interface MockStore {
-  getState: () => Partial<RootState>;  // Partial allows minimal mocking
-}
-
-// Type-safe mocking for complex objects
-const mockDashboardInfo: Partial<DashboardInfo> as DashboardInfo = {
-  id: 123,
-  json_metadata: '{}',
-};
-
-// Sinon stub typing
-let postStub: sinon.SinonStub;
-beforeEach(() => {
-  postStub = sinon.stub(SupersetClient, 'post');
-});
-
-// Use stub reference instead of original method
-expect(postStub.callCount).toBe(1);
-expect(postStub.getCall(0).args[0].endpoint).toMatch('/api/');
-```
-
-### Test Migration Recipe
-1. **Migrate production file first** (if both need migration)
-2. **Update test imports** to point to `.ts/.tsx` files
-3. **Add proper mock typing** using `Partial<T> as T` pattern
-4. **Fix stub typing** - Use stub references, not original methods
-5. **Verify all tests pass** with TypeScript compilation
-
----
-
-## 🔧 Type Conflict Resolution
-
-### Multiple Type Definitions Issue
-**Problem**: Same type name defined in multiple files causes compilation errors.
-
-**Example**: `DashboardInfo` defined in both:
-- `src/dashboard/reducers/types.ts` (minimal)
-- `src/dashboard/components/Header/types.ts` (different shape)  
-- `src/dashboard/types.ts` (complete - used by RootState)
-
-### Resolution Strategy
-1. **Identify the authoritative type**:
-   ```bash
-   # Find which type is used by RootState/main interfaces
-   grep -r "DashboardInfo" src/dashboard/types.ts
-   ```
-
-2. **Use import from authoritative source**:
-   ```typescript
-   // ✅ Import from main domain types
-   import { RootState, DashboardInfo } from 'src/dashboard/types';
-
-   // ❌ Don't import from component-specific files
-   import { DashboardInfo } from 'src/dashboard/components/Header/types';
-   ```
-
-3. **Mock complex types in tests**:
-   ```typescript
-   // For testing - provide minimal required fields
-   const mockInfo: Partial<DashboardInfo> as DashboardInfo = {
-     id: 123,
-     json_metadata: '{}',
-     // Only provide fields actually used in test
-   };
-   ```
-
-### Type Hierarchy Discovery Commands
-```bash
-# Find all definitions of a type
-grep -r "interface.*TypeName\|type.*TypeName" src/
-
-# Find import usage patterns
-grep -r "import.*TypeName" src/
-
-# Check what RootState uses
-grep -A 10 -B 10 "TypeName" src/*/types.ts
-```
-
----
-
-## Agent Constraints (CRITICAL)
-
-1. **Use git mv** - Run `git mv file.js file.ts` to preserve git history, but NO `git commit`
-2. **NO global import changes** - Don't update imports across codebase
-3. **Type files OK** - Can modify existing type files to improve/align types
-4. **Single-File TypeScript Validation** (CRITICAL) - tsc has known issues with multi-file compilation:
-   - **Core Issue**: TypeScript's `tsc` has documented problems validating multiple files simultaneously in complex projects
-   - **Solution**: ALWAYS validate files one at a time using individual `tsc` calls
-   - **Command Pattern**: `cd superset-frontend && npx tscw --noEmit --allowJs --composite false --project tsconfig.json {single-file-path}`
-   - **Why**: Multi-file validation can produce false positives, miss real errors, and conflict during parallel agent execution
-5. **Downstream Impact Validation** (CRITICAL) - Your migration affects calling sites:
-   - **Find downstream files**: `find superset-frontend/src -name "*.tsx" -o -name "*.ts" | xargs grep -l "your-core-filename" 2>/dev/null || echo "No files found"`
-   - **Validate each downstream file individually**: `cd superset-frontend && npx tscw --noEmit --allowJs --composite false --project tsconfig.json {each-downstream-file}`
-   - **Fix type mismatches** you introduced in calling sites
-   - **NEVER ignore downstream errors** - they indicate your types don't match reality
-6. **Avoid Project-Wide Validation During Migration**:
-   - **NEVER use `npm run type`** during parallel agent execution - produces unreliable results
-   - **Single-file validation is authoritative** - trust individual file checks over project-wide scans
-6. **ESLint validation** - Run `npm run eslint -- --fix {file}` for each migrated file to auto-fix formatting/linting issues
-6. Zero `any` types - use proper TypeScript types
-7. Search existing types before creating new ones
-8. Follow patterns from this guide
-
----
-
-## Success Report Format
-
-```
-SUCCESS: Atomic Migration of {core-filename}
-
-## Files Migrated (Atomic Unit)
-- Core: {core-filename} → {core-filename.ts/tsx}
-- Tests: {list-of-test-files} → {list-of-test-files.ts/tsx} OR "CREATED: {basename}.test.ts"
-- Mocks: {list-of-mock-files} → {list-of-mock-files.ts}
-- Type files modified: {list-of-type-files}
-
-## Types Created/Improved
-- {TypeName}: {location} ({scope}) - {rationale}
-- {ExistingType}: enhanced in {location} - {improvement-description}
-
-## Documentation Recommendations  
-- ADD_TO_DIRECTORY: {TypeName} - {reason}
-- NO_DOCUMENTATION: {TypeName} - {reason}
-
-## Quality Validation
-- **Single-File TypeScript Validation**: ✅ PASS - Core files individually validated
-  - Core file: `npx tscw --noEmit --allowJs --composite false --project tsconfig.json {core-file}`
-  - Test files: `npx tscw --noEmit --allowJs --composite false --project tsconfig.json {test-file}` (if exists)
-- **Downstream Impact Check**: ✅ PASS - Found {N} files importing this module, all validate individually
-  - Downstream files: {list-of-files-that-import-your-module}
-  - Individual validation: `npx tscw --noEmit --allowJs --composite false --project tsconfig.json {each-downstream-file}`
-- **ESLint validation**: ✅ PASS (using `npm run eslint -- --fix {files}` to auto-fix formatting)
-- **Zero any types**: ✅ PASS
-- **Local imports resolved**: ✅ PASS  
-- **Functionality preserved**: ✅ PASS
-- **Tests pass** (if test file): ✅ PASS
-- **Follow-up action required**: {YES/NO}
-
-## Validation Strategy Notes
-- **Single-file approach used**: Avoided multi-file tsc validation due to known TypeScript compilation issues
-- **Project-wide validation skipped**: `npm run type` not used during parallel migration to prevent false positives
-
-## Migration Learnings
-- Type conflicts encountered: {describe any multiple type definitions}
-- Mock patterns used: {describe test mocking approaches}
-- Import hierarchy decisions: {note authoritative type sources used}
-- PropTypes strategy: {AUTO_GENERATED via babel plugin | MANUAL_DUPLICATION_REMOVED | N/A}
-
-## Improvement Suggestions for Documentation
-- AGENT.md enhancement: {suggest additions to migration guide}
-- Common pattern identified: {note reusable patterns for future migrations}
-```
-
----
-
-## Dependency Block Report Format
-
-```
-DEPENDENCY_BLOCK: Cannot migrate {filename}
-
-## Blocking Dependencies
-- {path}: {type} - {usage} - {priority}
-
-## Impact Analysis
-- Estimated types: {number}
-- Expected locations: {list}
-- Cross-domain: {YES/NO}
-
-## Recommended Order
-{ordered-list}
-```
-
----
-
-## 📚 Quick Reference
-
-**Type Utilities:**
-- `Record<K, V>` - Object with specific key/value types
-- `Partial<T>` - All properties optional
-- `Pick<T, K>` - Subset of properties
-- `Omit<T, K>` - Exclude specific properties
-- `NonNullable<T>` - Exclude null/undefined
-
-**Event Types:**
-- `MouseEvent<HTMLButtonElement>`
-- `ChangeEvent<HTMLInputElement>`
-- `FormEvent<HTMLFormElement>`
-
-**React Types:**
-- `FC<Props>` - Functional component
-- `ReactNode` - Any renderable content
-- `CSSProperties` - Style objects
-
----
-
-**Remember:** Every type should add value and clarity. The goal is meaningful type safety that catches bugs and improves developer experience.

.claude/projects/js-to-ts/COORDINATOR.md

@@ -1,199 +0,0 @@
-# JS-to-TS Coordinator Workflow
-
-**Role:** Strategic migration coordination - select leaf-node files, trigger agents, review results, handle integration, manage dependencies.
-
----
-
-## 1. Core File Selection Strategy
-
-**Target ONLY Core Files**: Coordinators identify core files (production code), agents handle related tests/mocks atomically.
-
-**File Analysis Commands**:
-```bash
-# Find CORE files with no JS/JSX dependencies (exclude tests/mocks) - SIZE PRIORITIZED
-find superset-frontend/src -name "*.js" -o -name "*.jsx" | grep -v "test\|spec\|mock" | xargs wc -l | sort -n | head -20
-
-# Alternative: Get file sizes in lines with paths
-find superset-frontend/src -name "*.js" -o -name "*.jsx" | grep -v "test\|spec\|mock" | while read file; do
-  lines=$(wc -l < "$file")
-  echo "$lines $file"
-done | sort -n | head -20
-
-# Check dependencies for core files only (start with smallest)
-for file in <core-files-sorted-by-size>; do
-  echo "=== $file ($(wc -l < "$file") lines) ==="
-  grep -E "from '\.\./.*\.jsx?'|from '\./.*\.jsx?'|from 'src/.*\.jsx?'" "$file" || echo "✅ LEAF CANDIDATE"
-done
-
-# Identify heavily imported files (migrate last)  
-grep -r "from.*utils/common" superset-frontend/src/ | wc -l
-
-# Quick leaf analysis with size priority
-find superset-frontend/src -name "*.js" -o -name "*.jsx" | grep -v "test\|spec\|mock" | head -30 | while read file; do
-  deps=$(grep -E "from '\.\./.*\.jsx?'|from '\./.*\.jsx?'|from 'src/.*\.jsx?'" "$file" | wc -l)
-  lines=$(wc -l < "$file")
-  if [ "$deps" -eq 0 ]; then
-    echo "✅ LEAF: $lines lines - $file"
-  fi
-done | sort -n
-```
-
-**Priority Order** (Smallest files first for easier wins):
-1. **Small leaf files** (<50 lines) - No JS/JSX imports, quick TypeScript conversion
-2. **Medium leaf files** (50-200 lines) - Self-contained utilities and helpers  
-3. **Small dependency files** (<100 lines) - Import only already-migrated files
-4. **Larger components** (200+ lines) - Complex but well-contained functionality
-5. **Core foundational files** (utils/common.js, controls.jsx) - migrate last regardless of size
-
-**Size-First Benefits**:
-- Faster completion builds momentum
-- Earlier validation of migration patterns
-- Easier rollback if issues arise
-- Better success rate for agent learning
-
-**Migration Unit**: Each agent call migrates:
-- 1 core file (primary target)
-- All related `*.test.js/jsx` files
-- All related `*.mock.js` files  
-- All related `__mocks__/` files
-
----
-
-## 2. Task Creation & Agent Control
-
-### Task Triggering
-When triggering the `/js-to-ts` command:
-- **Task Title**: Use the core filename as the task title (e.g., "DebouncedMessageQueue.js migration", "hostNamesConfig.js migration")
-- **Task Description**: Include the full relative path to help agent locate the file
-- **Reference**: Point agent to [AGENT.md](./AGENT.md) for technical instructions
-
-### Post-Processing Workflow
-After each agent completes:
-
-1. **Review Agent Report**: Always read and analyze the complete agent report
-2. **Share Summary**: Provide user with key highlights from agent's work:
-   - Files migrated (core + tests/mocks)
-   - Types created or improved
-   - Any validation issues or coordinator actions needed
-3. **Quality Assessment**: Evaluate agent's TypeScript implementation against criteria:
-   - ✅ **Type Usage**: Proper types used, no `any` types
-   - ✅ **Type Filing**: Types placed in correct hierarchy (component → feature → domain → global)
-   - ✅ **Side Effects**: No unintended changes to other files
-   - ✅ **Import Alignment**: Proper .ts/.tsx import extensions
-4. **Integration Decision**:
-   - **COMMIT**: If agent work is complete and high quality
-   - **FIX & COMMIT**: If minor issues need coordinator fixes
-   - **ROLLBACK**: If major issues require complete rework
-5. **Next Action**: Ask user preference - commit this work or trigger next migration
-
----
-
-## 3. Integration Decision Framework
-
-**Automatic Integration** ✅:
-- `npm run type` passes without errors
-- Agent created clean TypeScript with proper types
-- Types appropriately filed in hierarchy
-
-**Coordinator Integration** (Fix Side-Effects) 🔧:
-- `npm run type` fails BUT agent's work is high quality
-- Good type usage, proper patterns, well-organized
-- Side-effects are manageable TypeScript compilation errors
-- **Coordinator Action**: Integrate the change, then fix global compilation issues
-
-**Rollback Only** ❌:
-- Agent introduced `any` types or poor type choices
-- Types poorly organized or conflicting with existing patterns
-- Fundamental approach issues requiring complete rework
-
-**Integration Process**:
-1. **Review**: Agent already used `git mv` to preserve history
-2. **Fix Side-Effects**: Update dependent files with proper import extensions
-3. **Resolve Types**: Fix any cascading type issues across codebase
-4. **Validate**: Ensure `npm run type` passes after fixes
-
----
-
-## 4. Common Integration Patterns
-
-**Common Side-Effects (Expect These)**:
-- **Type import conflicts**: Multiple definitions of same type name
-- **Mock object typing**: Tests need complete type satisfaction
-- **Stub method references**: Use stub vars instead of original methods
-
-**Coordinator Fixes (Standard Process)**:
-1. **Import Resolution**:
-   ```bash
-   # Find authoritative type source
-   grep -r "TypeName" src/*/types.ts
-   # Import from domain types (src/dashboard/types.ts) not component types
-   ```
-
-2. **Test Mock Completion**:
-   ```typescript
-   // Use Partial<T> as T pattern for minimal mocking
-   const mockDashboard: Partial<DashboardInfo> as DashboardInfo = {
-     id: 123,
-     json_metadata: '{}',
-   };
-   ```
-
-3. **Stub Reference Fixes**:
-   ```typescript
-   // ✅ Use stub variable
-   expect(postStub.callCount).toBe(1);
-   // ❌ Don't use original method
-   expect(SupersetClient.post.callCount).toBe(1);
-   ```
-
-4. **Validation Commands**:
-   ```bash
-   npm run type          # TypeScript compilation
-   npm test -- filename  # Test functionality
-   git status           # Should show rename, not add/delete
-   ```
-
----
-
-## 5. File Categories for Planning
-
-### Leaf Files (Start Here)
-**Self-contained files with minimal JS/JSX dependencies**:
-- Test files (80 files) - Usually only import the file being tested
-- Utility files without internal dependencies
-- Components importing only external libraries
-
-### Heavily Imported Files (Migrate Last)
-**Core files that many others depend on**:
-- `utils/common.js` - Core utility functions
-- `utils/reducerUtils.js` - Redux helpers  
-- `@superset-ui/core` equivalent files
-- Major state management files (`explore/store.js`, `dashboard/actions/`)
-
-### Complex Components (Middle Priority)  
-**Large files requiring careful type analysis**:
-- `components/Datasource/DatasourceEditor.jsx` (1,809 lines)
-- `explore/components/controls/AnnotationLayerControl/AnnotationLayer.jsx` (1,031 lines)
-- `explore/components/ExploreViewContainer/index.jsx` (911 lines)
-
----
-
-## 6. Success Metrics & Continuous Improvement
-
-**Per-File Gates**:
-- ✅ `npm run type` passes after each migration
-- ✅ Zero `any` types introduced
-- ✅ All imports properly typed
-- ✅ Types filed in correct hierarchy
-
-**Linear Scheduling**:
-When agents report `DEPENDENCY_BLOCK`:
-- Queue dependencies in linear order
-- Process one file at a time to avoid conflicts
-- Handle cascading type changes between files
-
-**After Each Migration**:
-1. **Update guides** with new patterns discovered
-2. **Document coordinator fixes** that become common
-3. **Enhance agent instructions** based on recurring issues
-4. **Track success metrics** - automatic vs coordinator integration rates

.claude/projects/js-to-ts/PROJECT.md

@@ -1,76 +0,0 @@
-# JavaScript to TypeScript Migration Project
-
-Progressive migration of 219 JS/JSX files to TypeScript in Apache Superset frontend.
-
-## 📁 Project Documentation
-
-- **[AGENT.md](./AGENT.md)** - Complete technical migration guide for agents (includes type reference, patterns, validation)
-- **[COORDINATOR.md](./COORDINATOR.md)** - Strategic workflow for coordinators (file selection, task management, integration)
-
-## 🎯 Quick Start
-
-**For Agents:** Read [AGENT.md](./AGENT.md) for complete migration instructions
-**For Coordinators:** Read [COORDINATOR.md](./COORDINATOR.md) for workflow and [AGENT.md](./AGENT.md) for supervision
-
-**Command:** `/js-to-ts <filename>` - See [../../commands/js-to-ts.md](../../commands/js-to-ts.md)
-
-## 📊 Migration Progress
-
-**Scope**: 219 files total (112 JS + 107 JSX)
-- Production files: 139 (63%)  
-- Test files: 80 (37%)
-
-**Strategy**: Leaf-first migration with dependency-aware coordination
-
-### Completed Migrations ✅
-
-1. **roundDecimal** - `plugins/legacy-plugin-chart-map-box/src/utils/roundDecimal.js`
-   - Migrated core + test files
-   - Added proper TypeScript function signature with optional precision parameter
-   - All tests pass
-
-2. **timeGrainSqlaAnimationOverrides** - `src/explore/controlPanels/timeGrainSqlaAnimationOverrides.js`
-   - Migrated to TypeScript with ControlPanelState and Dataset types
-   - Added TimeGrainOverrideState interface for return type
-   - Used type guards for safe property access
-
-3. **DebouncedMessageQueue** - `src/utils/DebouncedMessageQueue.js`
-   - Migrated to TypeScript with proper generics
-   - Created DebouncedMessageQueueOptions interface
-   - **CREATED test file** with 4 comprehensive test cases
-   - Excellent class property typing with private/readonly modifiers
-
-**Files Migrated**: 3/219 (1.4%)
-**Tests Created**: 2 (roundDecimal had existing, DebouncedMessageQueue created)
-
-### Next Candidates (Leaf Nodes) 🎯
-
-**Identified leaf files with no JS/JSX dependencies:**
-- `src/utils/hostNamesConfig.js` - Domain configuration utility
-- `src/explore/controlPanels/Separator.js` - Control panel configuration  
-- `src/middleware/loggerMiddleware.js` - Logging middleware
-
-**Migration Quality**: All completed migrations have:
-- ✅ Zero `any` types
-- ✅ Proper TypeScript compilation
-- ✅ ESLint validation passed
-- ✅ Test coverage (created where missing)
-
----
-
-## 📈 Success Metrics
-
-**Per-File Gates**:
-- ✅ `npm run type` passes after each migration
-- ✅ Zero `any` types introduced  
-- ✅ All imports properly typed
-- ✅ Types filed in correct hierarchy
-
-**Overall Progress**:
-- **Automatic Integration Rate**: 100% (3/3 migrations required no coordinator fixes)
-- **Test Coverage**: Improved (1 new test file created)
-- **Type Safety**: Enhanced with proper interfaces and generics
-
----
-
-*This is a claudette-managed progressive refactor. All documentation and coordination resources are organized under `.claude/projects/js-to-ts/`*

.devcontainer/README.md

@@ -3,3 +3,14 @@
 For complete documentation on using GitHub Codespaces with Apache Superset, please see:
 
 **[Setting up a Development Environment - GitHub Codespaces](https://superset.apache.org/docs/contributing/development#github-codespaces-cloud-development)**
+
+## Pre-installed Development Environment
+
+When you create a new Codespace from this repository, it automatically:
+
+1. **Creates a Python virtual environment** using `uv venv`
+2. **Installs all development dependencies** via `uv pip install -r requirements/development.txt`
+3. **Sets up pre-commit hooks** with `pre-commit install`
+4. **Activates the virtual environment** automatically in all terminals
+
+The virtual environment is located at `/workspaces/{repository-name}/.venv` and is automatically activated through environment variables set in the devcontainer configuration.

.devcontainer/default/devcontainer.json

@@ -1,19 +0,0 @@
-{
-  // Extend the base configuration
-  "extends": "../devcontainer-base.json",
-
-  "name": "Apache Superset Development (Default)",
-
-  // Forward ports for development
-  "forwardPorts": [9001],
-  "portsAttributes": {
-    "9001": {
-      "label": "Superset (via Webpack Dev Server)",
-      "onAutoForward": "notify",
-      "visibility": "public"
-    }
-  },
-
-  // Auto-start Superset on Codespace resume
-  "postStartCommand": ".devcontainer/start-superset.sh"
-}

.devcontainer/devcontainer-base.json

@@ -1,39 +0,0 @@
-{
-  "name": "Apache Superset Development",
-  // Keep this in sync with the base image in Dockerfile (ARG PY_VER)
-  // Using the same base as Dockerfile, but non-slim for dev tools
-  "image": "python:3.11.13-bookworm",
-
-  "features": {
-    "ghcr.io/devcontainers/features/docker-in-docker:2": {
-      "moby": true,
-      "dockerDashComposeVersion": "v2"
-    },
-    "ghcr.io/devcontainers/features/node:1": {
-      "version": "20"
-    },
-    "ghcr.io/devcontainers/features/git:1": {},
-    "ghcr.io/devcontainers/features/common-utils:2": {
-      "configureZshAsDefaultShell": true
-    },
-    "ghcr.io/devcontainers/features/sshd:1": {
-      "version": "latest"
-    }
-  },
-
-  // Run commands after container is created
-  "postCreateCommand": "chmod +x .devcontainer/setup-dev.sh && .devcontainer/setup-dev.sh",
-
-  // VS Code customizations
-  "customizations": {
-    "vscode": {
-      "extensions": [
-        "ms-python.python",
-        "ms-python.vscode-pylance",
-        "charliermarsh.ruff",
-        "dbaeumer.vscode-eslint",
-        "esbenp.prettier-vscode"
-      ]
-    }
-  }
-}

.devcontainer/setup-dev.sh

@@ -3,30 +3,76 @@
 
 echo "🔧 Setting up Superset development environment..."
 
-# The universal image has most tools, just need Superset-specific libs
-echo "📦 Installing Superset-specific dependencies..."
-sudo apt-get update
-sudo apt-get install -y \
-    libsasl2-dev \
-    libldap2-dev \
-    libpq-dev \
-    tmux \
-    gh
+# System dependencies and uv are now pre-installed in the Docker image
+# This speeds up Codespace creation significantly!
 
-# Install uv for fast Python package management
-echo "📦 Installing uv..."
-curl -LsSf https://astral.sh/uv/install.sh | sh
+# Create virtual environment using uv
+echo "🐍 Creating Python virtual environment..."
+if ! uv venv; then
+    echo "❌ Failed to create virtual environment"
+    exit 1
+fi
 
-# Add cargo/bin to PATH for uv
-echo 'export PATH="$HOME/.cargo/bin:$PATH"' >> ~/.bashrc
-echo 'export PATH="$HOME/.cargo/bin:$PATH"' >> ~/.zshrc
+# Install Python dependencies
+echo "📦 Installing Python dependencies..."
+if ! uv pip install -r requirements/development.txt; then
+    echo "❌ Failed to install Python dependencies"
+    echo "💡 You may need to run this manually after the Codespace starts"
+    exit 1
+fi
+
+# Install pre-commit hooks
+echo "🪝 Installing pre-commit hooks..."
+if source .venv/bin/activate && pre-commit install; then
+    echo "✅ Pre-commit hooks installed"
+else
+    echo "⚠️  Pre-commit hooks installation failed (non-critical)"
+fi
 
 # Install Claude Code CLI via npm
 echo "🤖 Installing Claude Code..."
-npm install -g @anthropic-ai/claude-code
+if npm install -g @anthropic-ai/claude-code; then
+    echo "✅ Claude Code installed"
+else
+    echo "⚠️  Claude Code installation failed (non-critical)"
+fi
 
 # Make the start script executable
 chmod +x .devcontainer/start-superset.sh
 
+# Add bashrc additions for automatic venv activation
+echo "🔧 Setting up automatic environment activation..."
+if [ -f ~/.bashrc ]; then
+    # Check if we've already added our additions
+    if ! grep -q "Superset Codespaces environment setup" ~/.bashrc; then
+        echo "" >> ~/.bashrc
+        cat .devcontainer/bashrc-additions >> ~/.bashrc
+        echo "✅ Added automatic venv activation to ~/.bashrc"
+    else
+        echo "✅ Bashrc additions already present"
+    fi
+else
+    # Create bashrc if it doesn't exist
+    cat .devcontainer/bashrc-additions > ~/.bashrc
+    echo "✅ Created ~/.bashrc with automatic venv activation"
+fi
+
+# Also add to zshrc since that's the default shell
+if [ -f ~/.zshrc ] || [ -n "$ZSH_VERSION" ]; then
+    if ! grep -q "Superset Codespaces environment setup" ~/.zshrc; then
+        echo "" >> ~/.zshrc
+        cat .devcontainer/bashrc-additions >> ~/.zshrc
+        echo "✅ Added automatic venv activation to ~/.zshrc"
+    fi
+fi
+
 echo "✅ Development environment setup complete!"
-echo "🚀 Run '.devcontainer/start-superset.sh' to start Superset"
+echo ""
+echo "📝 The virtual environment will be automatically activated in new terminals"
+echo ""
+echo "🔄 To activate in this terminal, run:"
+echo "   source ~/.bashrc"
+echo ""
+echo "🚀 To start Superset:"
+echo "   start-superset"
+echo ""

.devcontainer/start-superset.sh

@@ -1,14 +1,14 @@
 #!/bin/bash
 # Startup script for Superset in Codespaces
 
+# Log to a file for debugging
+LOG_FILE="/tmp/superset-startup.log"
+echo "[$(date)] Starting Superset startup script" >> "$LOG_FILE"
+echo "[$(date)] User: $(whoami), PWD: $(pwd)" >> "$LOG_FILE"
+
 echo "🚀 Starting Superset in Codespaces..."
 echo "🌐 Frontend will be available at port 9001"
 
-# Check if MCP is enabled
-if [ "$ENABLE_MCP" = "true" ]; then
-    echo "🤖 MCP Service will be available at port 5008"
-fi
-
 # Find the workspace directory (Codespaces clones as 'superset', not 'superset-2')
 WORKSPACE_DIR=$(find /workspaces -maxdepth 1 -name "superset*" -type d | head -1)
 if [ -n "$WORKSPACE_DIR" ]; then
@@ -18,32 +18,71 @@ else
     echo "📁 Using current directory: $(pwd)"
 fi
 
-# Check if docker is running
-if ! docker info > /dev/null 2>&1; then
-    echo "⏳ Waiting for Docker to start..."
-    sleep 5
+# Wait for Docker to be available
+echo "⏳ Waiting for Docker to start..."
+echo "[$(date)] Waiting for Docker..." >> "$LOG_FILE"
+max_attempts=30
+attempt=0
+while ! docker info > /dev/null 2>&1; do
+    if [ $attempt -eq $max_attempts ]; then
+        echo "❌ Docker failed to start after $max_attempts attempts"
+        echo "[$(date)] Docker failed to start after $max_attempts attempts" >> "$LOG_FILE"
+        echo "🔄 Please restart the Codespace or run this script manually later"
+        exit 1
+    fi
+    echo "   Attempt $((attempt + 1))/$max_attempts..."
+    echo "[$(date)] Docker check attempt $((attempt + 1))/$max_attempts" >> "$LOG_FILE"
+    sleep 2
+    attempt=$((attempt + 1))
+done
+echo "✅ Docker is ready!"
+echo "[$(date)] Docker is ready" >> "$LOG_FILE"
+
+# Check if Superset containers are already running
+if docker ps | grep -q "superset"; then
+    echo "✅ Superset containers are already running!"
+    echo ""
+    echo "🌐 To access Superset:"
+    echo "   1. Click the 'Ports' tab at the bottom of VS Code"
+    echo "   2. Find port 9001 and click the globe icon to open"
+    echo "   3. Wait 10-20 minutes for initial startup"
+    echo ""
+    echo "📝 Login credentials: admin/admin"
+    exit 0
 fi
 
 # Clean up any existing containers
 echo "🧹 Cleaning up existing containers..."
-docker-compose -f docker-compose-light.yml --profile mcp down
+docker-compose -f docker-compose-light.yml down
 
 # Start services
-echo "🏗️  Building and starting services..."
+echo "🏗️  Starting Superset in background (daemon mode)..."
 echo ""
-echo "📝 Once started, login with:"
-echo "   Username: admin"
-echo "   Password: admin"
-echo ""
-echo "📋 Running in foreground with live logs (Ctrl+C to stop)..."
 
-# Run docker-compose and capture exit code
-if [ "$ENABLE_MCP" = "true" ]; then
-    echo "🤖 Starting with MCP Service enabled..."
-    docker-compose -f docker-compose-light.yml --profile mcp up
-else
-    docker-compose -f docker-compose-light.yml up
-fi
+# Start in detached mode
+docker-compose -f docker-compose-light.yml up -d
+
+echo ""
+echo "✅ Docker Compose started successfully!"
+echo ""
+echo "📋 Important information:"
+echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+echo "⏱️  Initial startup takes 10-20 minutes"
+echo "🌐 Check the 'Ports' tab for your Superset URL (port 9001)"
+echo "👤 Login: admin / admin"
+echo ""
+echo "📊 Useful commands:"
+echo "   docker-compose -f docker-compose-light.yml logs -f    # Follow logs"
+echo "   docker-compose -f docker-compose-light.yml ps         # Check status"
+echo "   docker-compose -f docker-compose-light.yml down       # Stop services"
+echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+echo ""
+echo "💤 Keeping terminal open for 60 seconds to test persistence..."
+sleep 60
+echo "✅ Test complete - check if this terminal is still visible!"
+
+# Show final status
+docker-compose -f docker-compose-light.yml ps
 EXIT_CODE=$?
 
 # If it failed, provide helpful instructions

.devcontainer/with-mcp/devcontainer.json

@@ -1,29 +0,0 @@
-{
-  // Extend the base configuration
-  "extends": "../devcontainer-base.json",
-
-  "name": "Apache Superset Development with MCP",
-
-  // Forward ports for development
-  "forwardPorts": [9001, 5008],
-  "portsAttributes": {
-    "9001": {
-      "label": "Superset (via Webpack Dev Server)",
-      "onAutoForward": "notify",
-      "visibility": "public"
-    },
-    "5008": {
-      "label": "MCP Service (Model Context Protocol)",
-      "onAutoForward": "notify",
-      "visibility": "private"
-    }
-  },
-
-  // Auto-start Superset with MCP on Codespace resume
-  "postStartCommand": "ENABLE_MCP=true .devcontainer/start-superset.sh",
-
-  // Environment variables
-  "containerEnv": {
-    "ENABLE_MCP": "true"
-  }
-}

.envrc.example

@@ -1,41 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements.  See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License.  You may obtain a copy of the License at
-#
-#    http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-# Auto-configure Docker Compose for multi-instance support
-# Requires direnv: https://direnv.net/
-#
-# Install: brew install direnv (or apt install direnv)
-# Setup: Add 'eval "$(direnv hook bash)"' to ~/.bashrc (or ~/.zshrc)
-# Allow: Run 'direnv allow' in this directory once
-
-# Generate unique project name from directory
-export COMPOSE_PROJECT_NAME=$(basename "$PWD" | tr '[:upper:]' '[:lower:]' | sed 's/[^a-z0-9]/-/g')
-
-# Find available ports sequentially to avoid collisions
-_is_free() { ! lsof -i ":$1" &>/dev/null 2>&1; }
-
-_p=80;    while ! _is_free $_p; do ((_p++)); done; export NGINX_PORT=$_p
-_p=8088;  while ! _is_free $_p; do ((_p++)); done; export SUPERSET_PORT=$_p
-_p=9000;  while ! _is_free $_p; do ((_p++)); done; export NODE_PORT=$_p
-_p=8080;  while ! _is_free $_p || [ $_p -eq $NGINX_PORT ]; do ((_p++)); done; export WEBSOCKET_PORT=$_p
-_p=8081;  while ! _is_free $_p || [ $_p -eq $WEBSOCKET_PORT ]; do ((_p++)); done; export CYPRESS_PORT=$_p
-_p=5432;  while ! _is_free $_p; do ((_p++)); done; export DATABASE_PORT=$_p
-_p=6379;  while ! _is_free $_p; do ((_p++)); done; export REDIS_PORT=$_p
-
-unset _p _is_free
-
-echo "🐳 Superset configured: http://localhost:$SUPERSET_PORT (dev: localhost:$NODE_PORT)"

.github/CODEOWNERS

@@ -20,7 +20,7 @@
 
 # Notify PMC members of changes to GitHub Actions
 
-/.github/ @villebro @geido @eschutho @rusackas @betodealmeida @nytai @mistercrunch @craig-rueda @kgabryje @dpgaspar @sadpandajoe
+/.github/ @villebro @geido @eschutho @rusackas @betodealmeida @nytai @mistercrunch @craig-rueda @kgabryje @dpgaspar
 
 # Notify PMC members of changes to required GitHub Actions
 
@@ -33,7 +33,6 @@
 
 # Notify PMC members of changes to extension-related files
 
-/docs/developer_portal/extensions/ @michael-s-molina @villebro @rusackas
 /superset-core/ @michael-s-molina @villebro @geido @eschutho @rusackas @kgabryje
 /superset-extensions-cli/ @michael-s-molina @villebro @geido @eschutho @rusackas @kgabryje
 /superset/core/ @michael-s-molina @villebro @geido @eschutho @rusackas @kgabryje

.github/ISSUE_TEMPLATE/bug-report.yml

@@ -41,8 +41,8 @@ body:
       label: Superset version
       options:
         - master / latest-dev
-        - "6.0.0"
         - "5.0.0"
+        - "4.1.3"
     validations:
       required: true
   - type: dropdown

.github/copilot-instructions.md

@@ -1 +1 @@
-../AGENTS.md
+../LLMS.md

.github/dependabot.yml

@@ -5,7 +5,7 @@ updates:
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
 
   - package-ecosystem: "npm"
     ignore:
@@ -18,7 +18,7 @@ updates:
       - dependency-name: "jest-environment-jsdom"
     directory: "/superset-frontend/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -40,21 +40,21 @@ updates:
   - package-ecosystem: "npm"
     directory: ".github/actions"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     open-pull-requests-limit: 10
     versioning-strategy: increase
 
   - package-ecosystem: "npm"
     directory: "/docs/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     open-pull-requests-limit: 10
     versioning-strategy: increase
 
   - package-ecosystem: "npm"
     directory: "/superset-websocket/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -63,7 +63,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-websocket/utils/client-ws-app/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -75,7 +75,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-calendar/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -85,7 +85,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-histogram/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -95,7 +95,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-partition/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -105,7 +105,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-world-map/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -115,7 +115,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/plugin-chart-pivot-table/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -125,7 +125,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-chord/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -135,7 +135,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-horizon/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -145,7 +145,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-rose/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -155,7 +155,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-preset-chart-deckgl/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -165,7 +165,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/plugin-chart-table/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -175,7 +175,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-country-map/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -185,7 +185,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-map-box/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -195,7 +195,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-sankey/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -205,7 +205,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-preset-chart-nvd3/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -215,7 +215,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/plugin-chart-word-cloud/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -225,7 +225,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-event-flow/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -235,7 +235,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-paired-t-test/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -245,7 +245,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-sankey-loop/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -255,7 +255,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/plugin-chart-echarts/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -265,7 +265,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/preset-chart-xy/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -275,7 +275,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-heatmap/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -285,7 +285,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-parallel-coordinates/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -295,7 +295,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/legacy-plugin-chart-sunburst/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -305,7 +305,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/plugins/plugin-chart-handlebars/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -315,7 +315,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/packages/generator-superset/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -325,7 +325,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/packages/superset-ui-chart-controls/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -339,7 +339,7 @@ updates:
       - dependency-name: "react-markdown"
       - dependency-name: "remark-gfm"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -349,7 +349,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/packages/superset-ui-demo/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot
@@ -359,7 +359,7 @@ updates:
   - package-ecosystem: "npm"
     directory: "/superset-frontend/packages/superset-ui-switchboard/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     labels:
       - npm
       - dependabot

.github/workflows/bashlib.sh

@@ -117,19 +117,6 @@ testdata() {
   say "::endgroup::"
 }
 
-playwright_testdata() {
-  cd "$GITHUB_WORKSPACE"
-  say "::group::Load all examples for Playwright tests"
-  # must specify PYTHONPATH to make `tests.superset_test_config` importable
-  export PYTHONPATH="$GITHUB_WORKSPACE"
-  pip install -e .
-  superset db upgrade
-  superset load_test_users
-  superset load_examples
-  superset init
-  say "::endgroup::"
-}
-
 celery-worker() {
   cd "$GITHUB_WORKSPACE"
   say "::group::Start Celery worker"
@@ -208,7 +195,6 @@ playwright-install() {
 
 playwright-run() {
   local APP_ROOT=$1
-  local TEST_PATH=$2
 
   # Start Flask from the project root (same as Cypress)
   cd "$GITHUB_WORKSPACE"
@@ -252,26 +238,8 @@ playwright-run() {
 
   say "::group::Run Playwright tests"
   echo "Running Playwright with baseURL: ${PLAYWRIGHT_BASE_URL}"
-  if [ -n "$TEST_PATH" ]; then
-    # Check if there are any test files in the specified path
-    if ! find "playwright/tests/${TEST_PATH}" -name "*.spec.ts" -type f 2>/dev/null | grep -q .; then
-      echo "No test files found in ${TEST_PATH} - skipping test run"
-      say "::endgroup::"
-      kill $flaskProcessId
-      return 0
-    fi
-    echo "Running tests: ${TEST_PATH}"
-    # Set INCLUDE_EXPERIMENTAL=true to allow experimental tests to run
-    export INCLUDE_EXPERIMENTAL=true
-    npx playwright test "${TEST_PATH}" --output=playwright-results
-    local status=$?
-    # Unset to prevent leaking into subsequent commands
-    unset INCLUDE_EXPERIMENTAL
-  else
-    echo "Running all required tests (experimental/ excluded via playwright.config.ts)"
-    npx playwright test --output=playwright-results
-    local status=$?
-  fi
+  npx playwright test auth/login --reporter=github --output=playwright-results
+  local status=$?
   say "::endgroup::"
 
   # After job is done, print out Flask log for debugging

.github/workflows/bump-python-package.yml

@@ -32,7 +32,7 @@ jobs:
     steps:
 
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: true
           ref: master
@@ -41,7 +41,7 @@ jobs:
         uses: ./.github/actions/setup-supersetbot/
 
       - name: Set up Python ${{ inputs.python-version }}
-        uses: actions/setup-python@v6
+        uses: actions/setup-python@v5
         with:
           python-version: "3.10"
 

.github/workflows/cancel_duplicates.yml

@@ -31,7 +31,7 @@ jobs:
 
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
         if: steps.check_queued.outputs.count >= 20
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
 
       - name: Cancel duplicate workflow runs
         if: steps.check_queued.outputs.count >= 20

.github/workflows/check-python-deps.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive

.github/workflows/check_db_migration_confict.yml

@@ -25,9 +25,9 @@ jobs:
       pull-requests: write
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
       - name: Check and notify
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           github-token: ${{ github.token }}
           script: |

.github/workflows/claude.yml

@@ -44,7 +44,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Comment access denied
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           script: |
             const message = `👋 Hi @${{ github.event.comment.user.login || github.event.review.user.login || github.event.issue.user.login }}!
@@ -71,7 +71,7 @@ jobs:
       id-token: write
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v6
+      uses: actions/checkout@v5
       with:
         fetch-depth: 1
 

.github/workflows/codeql-analysis.yml

@@ -31,7 +31,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
 
       - name: Check for file changes
         id: check
@@ -41,7 +41,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v4
+        uses: github/codeql-action/init@v3
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -53,6 +53,6 @@ jobs:
 
       - name: Perform CodeQL Analysis
         if: steps.check.outputs.python || steps.check.outputs.frontend
-        uses: github/codeql-action/analyze@v4
+        uses: github/codeql-action/analyze@v3
         with:
           category: "/language:${{matrix.language}}"

.github/workflows/dependency-review.yml

@@ -27,7 +27,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: "Checkout Repository"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
       - name: "Dependency Review"
         uses: actions/dependency-review-action@v4
         continue-on-error: true
@@ -53,7 +53,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: "Checkout Repository"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
 
       - name: Setup Python
         uses: ./.github/actions/setup-backend/

.github/workflows/docker.yml

@@ -42,7 +42,7 @@ jobs:
     steps:
 
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
 
@@ -101,23 +101,6 @@ jobs:
           docker images $IMAGE_TAG
           docker history $IMAGE_TAG
 
-      # Scan for vulnerabilities in built container image after pushes to mainline branch.
-      - name: Run Trivy container image vulnerabity scan
-        if: github.event_name == 'push' && github.ref == 'refs/heads/master' && (steps.check.outputs.python || steps.check.outputs.frontend || steps.check.outputs.docker) && matrix.build_preset == 'lean'
-        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # v0.33.1
-        with:
-          image-ref: ${{ env.IMAGE_TAG }}
-          format: 'sarif'
-          output: 'trivy-results.sarif'
-          vuln-type: 'os'
-          severity: 'CRITICAL,HIGH'
-          ignore-unfixed: true
-      - name: Upload Trivy scan results to GitHub Security tab
-        if: github.event_name == 'push' && github.ref == 'refs/heads/master' && (steps.check.outputs.python || steps.check.outputs.frontend || steps.check.outputs.docker) && matrix.build_preset == 'lean'
-        uses: github/codeql-action/upload-sarif@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8
-        with:
-          sarif_file: 'trivy-results.sarif'
-
       - name: docker-compose sanity check
         if: (steps.check.outputs.python || steps.check.outputs.frontend || steps.check.outputs.docker) && matrix.build_preset == 'dev'
         shell: bash
@@ -134,7 +117,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
       - name: Check for file changes

.github/workflows/embedded-sdk-release.yml

@@ -28,8 +28,8 @@ jobs:
       run:
         working-directory: superset-embedded-sdk
     steps:
-      - uses: actions/checkout@v6
-      - uses: actions/setup-node@v6
+      - uses: actions/checkout@v5
+      - uses: actions/setup-node@v4
         with:
           node-version-file: './superset-embedded-sdk/.nvmrc'
           registry-url: 'https://registry.npmjs.org'

.github/workflows/embedded-sdk-test.yml

@@ -18,8 +18,8 @@ jobs:
       run:
         working-directory: superset-embedded-sdk
     steps:
-      - uses: actions/checkout@v6
-      - uses: actions/setup-node@v6
+      - uses: actions/checkout@v5
+      - uses: actions/setup-node@v4
         with:
           node-version-file: './superset-embedded-sdk/.nvmrc'
           registry-url: 'https://registry.npmjs.org'

.github/workflows/ephemeral-env-pr-close.yml

@@ -33,7 +33,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v5
+        uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -69,7 +69,7 @@ jobs:
 
       - name: Comment (success)
         if: steps.describe-services.outputs.active == 'true'
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           github-token: ${{github.token}}
           script: |

.github/workflows/ephemeral-env.yml

@@ -63,7 +63,7 @@ jobs:
       - name: Get event SHA
         id: get-sha
         if: steps.eval-label.outputs.result == 'up'
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |
@@ -94,7 +94,7 @@ jobs:
             core.setOutput("sha", prSha);
 
       - name: Looking for feature flags in PR description
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         id: eval-feature-flags
         if: steps.eval-label.outputs.result == 'up'
         with:
@@ -116,7 +116,7 @@ jobs:
             return results;
 
       - name: Reply with confirmation comment
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         if: steps.eval-label.outputs.result == 'up'
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -160,7 +160,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ needs.ephemeral-env-label.outputs.sha }} : ${{steps.get-sha.outputs.sha}} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           ref: ${{ needs.ephemeral-env-label.outputs.sha }}
           persist-credentials: false
@@ -189,7 +189,7 @@ jobs:
             --extra-flags "--build-arg INCLUDE_CHROMIUM=false"
 
       - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v5
+        uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -220,12 +220,12 @@ jobs:
       pull-requests: write
 
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5
         with:
           persist-credentials: false
 
       - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v5
+        uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -248,7 +248,7 @@ jobs:
 
       - name: Fail on missing container image
         if: steps.check-image.outcome == 'failure'
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           github-token: ${{ github.token }}
           script: |
@@ -318,7 +318,7 @@ jobs:
           echo "ip=$(aws ec2 describe-network-interfaces --network-interface-ids ${{ steps.get-eni.outputs.eni }} | jq -r '.NetworkInterfaces | first | .Association.PublicIp')" >> $GITHUB_OUTPUT
       - name: Comment (success)
         if: ${{ success() }}
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           github-token: ${{github.token}}
           script: |
@@ -331,7 +331,7 @@ jobs:
             });
       - name: Comment (failure)
         if: ${{ failure() }}
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           github-token: ${{github.token}}
           script: |

.github/workflows/generate-FOSSA-report.yml

@@ -27,7 +27,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive

.github/workflows/github-action-validator.yml

@@ -14,10 +14,10 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
 
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version: '20'
 

.github/workflows/issue_creation.yml

@@ -17,7 +17,7 @@ jobs:
     steps:
 
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
 

.github/workflows/labeler.yml

@@ -9,7 +9,7 @@ jobs:
       pull-requests: write
     runs-on: ubuntu-24.04
     steps:
-    - uses: actions/labeler@v6
+    - uses: actions/labeler@v5
       with:
         sync-labels: true
 

.github/workflows/latest-release-tag.yml

@@ -12,7 +12,7 @@ jobs:
 
     steps:
     - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-      uses: actions/checkout@v6
+      uses: actions/checkout@v5
       with:
         persist-credentials: false
         submodules: recursive

.github/workflows/license-check.yml

@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive

.github/workflows/no-hold-label.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
     - name: Check for 'hold' label
-      uses: actions/github-script@v8
+      uses: actions/github-script@v7
       with:
         github-token: ${{secrets.GITHUB_TOKEN}}
         script: |

.github/workflows/pr-lint.yml

@@ -16,7 +16,7 @@ jobs:
       pull-requests: write
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive

.github/workflows/pre-commit.yml

@@ -21,7 +21,7 @@ jobs:
         python-version: ["current", "previous", "next"]
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive
@@ -39,7 +39,7 @@ jobs:
           echo "HOMEBREW_REPOSITORY=$HOMEBREW_REPOSITORY" >>"${GITHUB_ENV}"
           brew install norwoodj/tap/helm-docs
       - name: Setup Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version: '20'
 
@@ -54,7 +54,7 @@ jobs:
           yarn install --immutable
 
       - name: Cache pre-commit environments
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.cache/pre-commit
           key: pre-commit-v2-${{ runner.os }}-py${{ matrix.python-version }}-${{ hashFiles('.pre-commit-config.yaml') }}
@@ -71,9 +71,7 @@ jobs:
           GIT_DIFF_EXIT_CODE=$?
           if [ "${PRE_COMMIT_EXIT_CODE}" -ne 0 ] || [ "${GIT_DIFF_EXIT_CODE}" -ne 0 ]; then
             if [ "${PRE_COMMIT_EXIT_CODE}" -ne 0 ]; then
-              echo "❌ Pre-commit check failed (exit code: ${PRE_COMMIT_EXIT_CODE})."
-              echo "🔍 Modified files:"
-              git diff --name-only
+              echo "❌ Pre-commit check failed (exit code: ${EXIT_CODE})."
             else
               echo "❌ Git working directory is dirty."
               echo "📌 This likely means that pre-commit made changes that were not committed."

.github/workflows/prefer-typescript.yml

@@ -27,7 +27,7 @@ jobs:
       pull-requests: write
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive

.github/workflows/release.yml

@@ -26,7 +26,7 @@ jobs:
     name: Bump version and publish package(s)
     runs-on: ubuntu-24.04
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5
         with:
           # pulls all commits (needed for lerna / semantic release to correctly version)
           fetch-depth: 0
@@ -42,13 +42,13 @@ jobs:
 
       - name: Install Node.js
         if: env.HAS_TAGS
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version-file: './superset-frontend/.nvmrc'
 
       - name: Cache npm
         if: env.HAS_TAGS
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.npm # npm cache files are stored in `~/.npm` on Linux/macOS
           key: ${{ runner.OS }}-node-${{ hashFiles('**/package-lock.json') }}
@@ -62,7 +62,7 @@ jobs:
         run: echo "dir=$(npm config get cache)" >> $GITHUB_OUTPUT
       - name: Cache npm
         if: env.HAS_TAGS
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         id: npm-cache # use this to check for `cache-hit` (`steps.npm-cache.outputs.cache-hit != 'true'`)
         with:
           path: ${{ steps.npm-cache-dir-path.outputs.dir }}

.github/workflows/showtime-cleanup.yml

@@ -7,6 +7,12 @@ on:
 
   # Manual trigger for testing
   workflow_dispatch:
+    inputs:
+      max_age_hours:
+        description: 'Maximum age in hours before cleanup'
+        required: false
+        default: '48'
+        type: string
 
 # Common environment variables
 env:
@@ -32,5 +38,13 @@ jobs:
 
       - name: Cleanup expired environments
         run: |
-          echo "Cleaning up environments respecting TTL labels"
-          python -m showtime cleanup --respect-ttl
+          MAX_AGE="${{ github.event.inputs.max_age_hours || '48' }}"
+
+          # Validate max_age is numeric
+          if [[ ! "$MAX_AGE" =~ ^[0-9]+$ ]]; then
+            echo "❌ Invalid max_age_hours format: $MAX_AGE (must be numeric)"
+            exit 1
+          fi
+
+          echo "Cleaning up environments older than ${MAX_AGE}h"
+          python -m showtime cleanup --older-than "${MAX_AGE}h"

.github/workflows/showtime-trigger.yml

@@ -37,7 +37,7 @@ jobs:
     steps:
       - name: Security Check - Authorize Maintainers Only
         id: auth
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
@@ -147,7 +147,7 @@ jobs:
 
       - name: Checkout PR code (only if build needed)
         if: steps.auth.outputs.authorized == 'true' && steps.check.outputs.build_needed == 'true'
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           ref: ${{ steps.check.outputs.target_sha }}
           persist-credentials: false

.github/workflows/superset-app-cli.yml

@@ -37,7 +37,7 @@ jobs:
           - 16379:6379
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive

.github/workflows/superset-applitool-cypress.yml

@@ -51,7 +51,7 @@ jobs:
           - 16379:6379
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive
@@ -63,7 +63,7 @@ jobs:
         with:
           run: testdata
       - name: Setup Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version-file: './superset-frontend/.nvmrc'
       - name: Install npm dependencies

.github/workflows/superset-applitools-storybook.yml

@@ -30,13 +30,13 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive
           ref: master
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version-file: './superset-frontend/.nvmrc'
       - name: Install eyes-storybook dependencies

.github/workflows/superset-docs-deploy.yml

@@ -31,12 +31,12 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version-file: './docs/.nvmrc'
       - name: Setup Python

.github/workflows/superset-docs-verify.yml

@@ -18,17 +18,15 @@ jobs:
     name: Link Checking
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5
       # Do not bump this linkinator-action version without opening
       # an ASF Infra ticket to allow the new version first!
-      - uses: JustinBeckwith/linkinator-action@af984b9f30f63e796ae2ea5be5e07cb587f1bbd9  # v2.3
+      - uses: JustinBeckwith/linkinator-action@v1.11.0
         continue-on-error: true # This will make the job advisory (non-blocking, no red X)
         with:
-          paths: "**/*.md, **/*.mdx"
+          paths: "**/*.md, **/*.mdx, !superset-frontend/CHANGELOG.md"
           linksToSkip: >-
-            ^https://github.com/apache/(superset|incubator-superset)/(pull|issues)/\d+,
-            ^https://github.com/apache/(superset|incubator-superset)/commit/[a-f0-9]+,
-            superset-frontend/.*CHANGELOG\.md,
+            ^https://github.com/apache/(superset|incubator-superset)/(pull|issue)/\d+,
             http://localhost:8088/,
             http://127.0.0.1:3000/,
             http://localhost:9001/,
@@ -43,12 +41,12 @@ jobs:
             http://theiconic.com.au/,
             https://dev.mysql.com/doc/refman/5.7/en/innodb-limits.html,
             ^https://img\.shields\.io/.*,
-            https://vkusvill.ru/,
-            https://www.linkedin.com/in/mark-thomas-b16751158/,
-            https://theiconic.com.au/,
-            https://wattbewerb.de/,
-            https://timbr.ai/,
-            https://opensource.org/license/apache-2-0,
+            https://vkusvill.ru/
+            https://www.linkedin.com/in/mark-thomas-b16751158/
+            https://theiconic.com.au/
+            https://wattbewerb.de/
+            https://timbr.ai/
+            https://opensource.org/license/apache-2-0
             https://www.plaidcloud.com/
   build-deploy:
     name: Build & Deploy
@@ -58,12 +56,12 @@ jobs:
         working-directory: docs
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version-file: './docs/.nvmrc'
       - name: yarn install

.github/workflows/superset-e2e.yml

@@ -69,21 +69,21 @@ jobs:
       # Conditional checkout based on context
       - name: Checkout for push or pull_request event
         if: github.event_name == 'push' || github.event_name == 'pull_request'
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive
           ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
       - name: Checkout using ref (workflow_dispatch)
         if: github.event_name == 'workflow_dispatch' && github.event.inputs.ref != ''
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           ref: ${{ github.event.inputs.ref }}
           submodules: recursive
       - name: Checkout using PR ID (workflow_dispatch)
         if: github.event_name == 'workflow_dispatch' && github.event.inputs.pr_id != ''
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           ref: refs/pull/${{ github.event.inputs.pr_id }}/merge
@@ -109,7 +109,7 @@ jobs:
           run: testdata
       - name: Setup Node.js
         if: steps.check.outputs.python || steps.check.outputs.frontend
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version-file: './superset-frontend/.nvmrc'
       - name: Install npm dependencies
@@ -146,123 +146,8 @@ jobs:
           SAFE_APP_ROOT=${APP_ROOT//\//_}
           echo "safe_app_root=$SAFE_APP_ROOT" >> $GITHUB_OUTPUT
       - name: Upload Artifacts
-        uses: actions/upload-artifact@v6
+        uses: actions/upload-artifact@v4
         if: failure()
         with:
           path: ${{ github.workspace }}/superset-frontend/cypress-base/cypress/screenshots
           name: cypress-artifact-${{ github.run_id }}-${{ github.job }}-${{ matrix.browser }}-${{ matrix.parallel_id }}--${{ steps.set-safe-app-root.outputs.safe_app_root }}
-
-  playwright-tests:
-    runs-on: ubuntu-22.04
-    permissions:
-      contents: read
-      pull-requests: read
-    strategy:
-      fail-fast: false
-      matrix:
-        browser: ["chromium"]
-        app_root: ["", "/app/prefix"]
-    env:
-      SUPERSET_ENV: development
-      SUPERSET_CONFIG: tests.integration_tests.superset_test_config
-      SUPERSET__SQLALCHEMY_DATABASE_URI: postgresql+psycopg2://superset:superset@127.0.0.1:15432/superset
-      PYTHONPATH: ${{ github.workspace }}
-      REDIS_PORT: 16379
-      GITHUB_TOKEN: ${{ github.token }}
-    services:
-      postgres:
-        image: postgres:16-alpine
-        env:
-          POSTGRES_USER: superset
-          POSTGRES_PASSWORD: superset
-        ports:
-          - 15432:5432
-      redis:
-        image: redis:7-alpine
-        ports:
-          - 16379:6379
-    steps:
-      # -------------------------------------------------------
-      # Conditional checkout based on context (same as Cypress workflow)
-      - name: Checkout for push or pull_request event
-        if: github.event_name == 'push' || github.event_name == 'pull_request'
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: false
-          submodules: recursive
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-      - name: Checkout using ref (workflow_dispatch)
-        if: github.event_name == 'workflow_dispatch' && github.event.inputs.ref != ''
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: false
-          ref: ${{ github.event.inputs.ref }}
-          submodules: recursive
-      - name: Checkout using PR ID (workflow_dispatch)
-        if: github.event_name == 'workflow_dispatch' && github.event.inputs.pr_id != ''
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: false
-          ref: refs/pull/${{ github.event.inputs.pr_id }}/merge
-          submodules: recursive
-      # -------------------------------------------------------
-      - name: Check for file changes
-        id: check
-        uses: ./.github/actions/change-detector/
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-      - name: Setup Python
-        uses: ./.github/actions/setup-backend/
-        if: steps.check.outputs.python || steps.check.outputs.frontend
-      - name: Setup postgres
-        if: steps.check.outputs.python || steps.check.outputs.frontend
-        uses: ./.github/actions/cached-dependencies
-        with:
-          run: setup-postgres
-      - name: Import test data
-        if: steps.check.outputs.python || steps.check.outputs.frontend
-        uses: ./.github/actions/cached-dependencies
-        with:
-          run: playwright_testdata
-      - name: Setup Node.js
-        if: steps.check.outputs.python || steps.check.outputs.frontend
-        uses: actions/setup-node@v6
-        with:
-          node-version-file: './superset-frontend/.nvmrc'
-      - name: Install npm dependencies
-        if: steps.check.outputs.python || steps.check.outputs.frontend
-        uses: ./.github/actions/cached-dependencies
-        with:
-          run: npm-install
-      - name: Build javascript packages
-        if: steps.check.outputs.python || steps.check.outputs.frontend
-        uses: ./.github/actions/cached-dependencies
-        with:
-          run: build-instrumented-assets
-      - name: Install Playwright
-        if: steps.check.outputs.python || steps.check.outputs.frontend
-        uses: ./.github/actions/cached-dependencies
-        with:
-          run: playwright-install
-      - name: Run Playwright (Required Tests)
-        if: steps.check.outputs.python || steps.check.outputs.frontend
-        uses: ./.github/actions/cached-dependencies
-        env:
-          NODE_OPTIONS: "--max-old-space-size=4096"
-        with:
-          run: playwright-run "${{ matrix.app_root }}"
-      - name: Set safe app root
-        if: failure()
-        id: set-safe-app-root
-        run: |
-          APP_ROOT="${{ matrix.app_root }}"
-          SAFE_APP_ROOT=${APP_ROOT//\//_}
-          echo "safe_app_root=$SAFE_APP_ROOT" >> $GITHUB_OUTPUT
-      - name: Upload Playwright Artifacts
-        uses: actions/upload-artifact@v6
-        if: failure()
-        with:
-          path: |
-            ${{ github.workspace }}/superset-frontend/playwright-results/
-            ${{ github.workspace }}/superset-frontend/test-results/
-          name: playwright-artifact-${{ github.run_id }}-${{ github.job }}-${{ matrix.browser }}--${{ steps.set-safe-app-root.outputs.safe_app_root }}

.github/workflows/superset-extensions-cli.yml

@@ -24,7 +24,7 @@ jobs:
         working-directory: superset-extensions-cli
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive
@@ -58,7 +58,7 @@ jobs:
 
       - name: Upload HTML coverage report
         if: steps.check.outputs.superset-extensions-cli
-        uses: actions/upload-artifact@v6
+        uses: actions/upload-artifact@v4
         with:
           name: superset-extensions-cli-coverage-html
           path: htmlcov/

.github/workflows/superset-frontend.yml

@@ -23,7 +23,7 @@ jobs:
       should-run: ${{ steps.check.outputs.frontend }}
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           fetch-depth: 0
@@ -58,7 +58,7 @@ jobs:
 
       - name: Upload Docker Image Artifact
         if: steps.check.outputs.frontend
-        uses: actions/upload-artifact@v6
+        uses: actions/upload-artifact@v4
         with:
           name: docker-image
           path: docker-image.tar.gz
@@ -73,7 +73,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Download Docker Image Artifact
-        uses: actions/download-artifact@v7
+        uses: actions/download-artifact@v5
         with:
           name: docker-image
 
@@ -90,7 +90,7 @@ jobs:
           "npm run test -- --coverage --shard=${{ matrix.shard }}/8 --coverageReporters=json-summary"
 
       - name: Upload Coverage Artifact
-        uses: actions/upload-artifact@v6
+        uses: actions/upload-artifact@v4
         with:
           name: coverage-artifacts-${{ matrix.shard }}
           path: superset-frontend/coverage
@@ -101,7 +101,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Download Coverage Artifacts
-        uses: actions/download-artifact@v7
+        uses: actions/download-artifact@v5
         with:
           pattern: coverage-artifacts-*
           path: coverage/
@@ -127,7 +127,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Download Docker Image Artifact
-        uses: actions/download-artifact@v7
+        uses: actions/download-artifact@v5
         with:
           name: docker-image
 
@@ -135,15 +135,15 @@ jobs:
         run: |
           docker load < docker-image.tar.gz
 
-      - name: lint
+      - name: eslint
         run: |
           docker run --rm $TAG bash -c \
-          "npm i && npm run lint"
+          "npm i && npm run eslint -- . --quiet"
 
       - name: tsc
         run: |
           docker run --rm $TAG bash -c \
-          "npm i && npm run plugins:build && npm run type"
+          "npm run plugins:build && npm run type"
 
   validate-frontend:
     needs: frontend-build
@@ -151,7 +151,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Download Docker Image Artifact
-        uses: actions/download-artifact@v7
+        uses: actions/download-artifact@v5
         with:
           name: docker-image
 
@@ -167,21 +167,3 @@ jobs:
         run: |
           docker run --rm $TAG bash -c \
           "npm run plugins:build-storybook"
-
-  test-storybook:
-    needs: frontend-build
-    if: needs.frontend-build.outputs.should-run == 'true'
-    runs-on: ubuntu-24.04
-    steps:
-      - name: Download Docker Image Artifact
-        uses: actions/download-artifact@v7
-        with:
-          name: docker-image
-
-      - name: Load Docker Image
-        run: docker load < docker-image.tar.gz
-
-      - name: Build Storybook and Run Tests
-        run: |
-          docker run --rm $TAG bash -c \
-          "npm run build-storybook && npx playwright install-deps && npx playwright install chromium && npm run test-storybook:ci"

.github/workflows/superset-helm-lint.yml

@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive

.github/workflows/superset-helm-release.yml

@@ -29,7 +29,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           ref: ${{ inputs.ref || github.ref_name }}
           persist-credentials: true
@@ -101,7 +101,7 @@ jobs:
           CR_RELEASE_NAME_TEMPLATE: "superset-helm-chart-{{ .Version }}"
 
       - name: Open Pull Request
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           script: |
             const branchName = '${{ env.branch_name }}';

.github/workflows/superset-playwright.yml

@@ -1,4 +1,4 @@
-name: Playwright Experimental Tests
+name: Playwright E2E Tests
 
 on:
   push:
@@ -23,10 +23,9 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  # NOTE: Required Playwright tests are in superset-e2e.yml (E2E / playwright-tests)
-  # This workflow contains only experimental tests that run in shadow mode
-  playwright-tests-experimental:
+  playwright-tests:
     runs-on: ubuntu-22.04
+    # Allow workflow to succeed even if tests fail during shadow mode
     continue-on-error: true
     permissions:
       contents: read
@@ -60,21 +59,21 @@ jobs:
       # Conditional checkout based on context (same as Cypress workflow)
       - name: Checkout for push or pull_request event
         if: github.event_name == 'push' || github.event_name == 'pull_request'
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive
           ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
       - name: Checkout using ref (workflow_dispatch)
         if: github.event_name == 'workflow_dispatch' && github.event.inputs.ref != ''
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           ref: ${{ github.event.inputs.ref }}
           submodules: recursive
       - name: Checkout using PR ID (workflow_dispatch)
         if: github.event_name == 'workflow_dispatch' && github.event.inputs.pr_id != ''
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           ref: refs/pull/${{ github.event.inputs.pr_id }}/merge
@@ -97,10 +96,10 @@ jobs:
         if: steps.check.outputs.python || steps.check.outputs.frontend
         uses: ./.github/actions/cached-dependencies
         with:
-          run: playwright_testdata
+          run: testdata
       - name: Setup Node.js
         if: steps.check.outputs.python || steps.check.outputs.frontend
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version-file: './superset-frontend/.nvmrc'
       - name: Install npm dependencies
@@ -118,13 +117,13 @@ jobs:
         uses: ./.github/actions/cached-dependencies
         with:
           run: playwright-install
-      - name: Run Playwright (Experimental Tests)
+      - name: Run Playwright
         if: steps.check.outputs.python || steps.check.outputs.frontend
         uses: ./.github/actions/cached-dependencies
         env:
           NODE_OPTIONS: "--max-old-space-size=4096"
         with:
-          run: playwright-run "${{ matrix.app_root }}" experimental/
+          run: playwright-run ${{ matrix.app_root }}
       - name: Set safe app root
         if: failure()
         id: set-safe-app-root
@@ -133,10 +132,10 @@ jobs:
           SAFE_APP_ROOT=${APP_ROOT//\//_}
           echo "safe_app_root=$SAFE_APP_ROOT" >> $GITHUB_OUTPUT
       - name: Upload Playwright Artifacts
-        uses: actions/upload-artifact@v6
+        uses: actions/upload-artifact@v4
         if: failure()
         with:
           path: |
             ${{ github.workspace }}/superset-frontend/playwright-results/
             ${{ github.workspace }}/superset-frontend/test-results/
-          name: playwright-experimental-artifact-${{ github.run_id }}-${{ github.job }}-${{ matrix.browser }}--${{ steps.set-safe-app-root.outputs.safe_app_root }}
+          name: playwright-artifact-${{ github.run_id }}-${{ github.job }}-${{ matrix.browser }}--${{ steps.set-safe-app-root.outputs.safe_app_root }}

.github/workflows/superset-python-integrationtest.yml

@@ -41,7 +41,7 @@ jobs:
           - 16379:6379
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive
@@ -99,7 +99,7 @@ jobs:
           - 16379:6379
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive
@@ -152,7 +152,7 @@ jobs:
           - 16379:6379
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive

.github/workflows/superset-python-presto-hive.yml

@@ -48,7 +48,7 @@ jobs:
           - 16379:6379
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive
@@ -108,7 +108,7 @@ jobs:
           - 16379:6379
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive

.github/workflows/superset-python-unittest.yml

@@ -24,7 +24,7 @@ jobs:
       PYTHONPATH: ${{ github.workspace }}
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive

.github/workflows/superset-translations.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive
@@ -31,7 +31,7 @@ jobs:
 
       - name: Setup Node.js
         if: steps.check.outputs.frontend
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version-file:  './superset-frontend/.nvmrc'
       - name: Install dependencies
@@ -49,7 +49,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
           submodules: recursive

.github/workflows/superset-websocket.yml

@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
       - name: Install dependencies

.github/workflows/supersetbot.yml

@@ -26,7 +26,7 @@ jobs:
     steps:
       - name: Quickly add thumbs up!
         if: github.event_name == 'issue_comment' && contains(github.event.comment.body, '@supersetbot')
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           script: |
             const [owner, repo] = process.env.GITHUB_REPOSITORY.split('/')
@@ -38,7 +38,7 @@ jobs:
             });
 
       - name: "Checkout ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
 

.github/workflows/tag-release.yml

@@ -47,7 +47,7 @@ jobs:
     steps:
 
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0
 
@@ -60,7 +60,7 @@ jobs:
           build: "true"
 
       - name: Use Node.js 20
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version: 20
 
@@ -107,12 +107,12 @@ jobs:
     steps:
 
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0
 
       - name: Use Node.js 20
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version: 20
 

.github/workflows/tech-debt.yml

@@ -27,10 +27,10 @@ jobs:
     name: Generate Reports
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
 
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version-file: './superset-frontend/.nvmrc'
 

.gitignore

@@ -33,7 +33,6 @@ cover
 .env
 .envrc
 .idea
-.roo
 .mypy_cache
 .python-version
 .tox
@@ -122,8 +121,6 @@ docker/requirements-local.txt
 
 cache/
 docker/*local*
-docker/superset-websocket/config.json
-docker-compose.override.yml
 
 .temp_cache
 
@@ -137,5 +134,3 @@ PROJECT.md
 .aider*
 .claude_rc*
 .env.local
-oxc-custom-build/
-*.code-workspace

.pre-commit-config.yaml

@@ -54,35 +54,21 @@ repos:
         exclude: ^helm/superset/templates/
       - id: debug-statements
       - id: end-of-file-fixer
-        exclude: .*/lerna\.json$|^docs/static/img/logos/
+        exclude: .*/lerna\.json$
       - id: trailing-whitespace
         exclude: ^.*\.(snap)
         args: ["--markdown-linebreak-ext=md"]
   - repo: local
     hooks:
-      - id: prettier-frontend
-        name: prettier (frontend)
-        entry: bash -c 'cd superset-frontend && for file in "$@"; do npx prettier --write "${file#superset-frontend/}"; done'
-        language: system
-        pass_filenames: true
-        files: ^superset-frontend/.*\.(js|jsx|ts|tsx|css|scss|sass|json)$
-  - repo: local
-    hooks:
-      - id: oxlint-frontend
-        name: oxlint (frontend)
-        entry: ./scripts/oxlint.sh
-        language: system
-        pass_filenames: true
-        files: ^superset-frontend/.*\.(js|jsx|ts|tsx)$
-      - id: custom-rules-frontend
-        name: custom rules (frontend)
-        entry: ./scripts/check-custom-rules.sh
+      - id: eslint-frontend
+        name: eslint (frontend)
+        entry: ./scripts/eslint.sh
         language: system
         pass_filenames: true
         files: ^superset-frontend/.*\.(js|jsx|ts|tsx)$
       - id: eslint-docs
         name: eslint (docs)
-        entry: bash -c 'cd docs && FILES=$(echo "$@" | sed "s|docs/||g") && yarn eslint --fix --quiet $FILES'
+        entry: bash -c 'cd docs && FILES=$(echo "$@" | sed "s|docs/||g") && yarn eslint --fix --ext .js,.jsx,.ts,.tsx --quiet $FILES'
         language: system
         pass_filenames: true
         files: ^docs/.*\.(js|jsx|ts|tsx)$
@@ -106,19 +92,12 @@ repos:
         files: helm
         verbose: false
         args: ["--log-level", "error"]
-  # Using local hooks ensures ruff version matches requirements/development.txt
-  - repo: local
+  - repo: https://github.com/astral-sh/ruff-pre-commit
+    rev: v0.9.7
     hooks:
       - id: ruff-format
-        name: ruff-format
-        entry: ruff format
-        language: system
-        types: [python]
       - id: ruff
-        name: ruff
-        entry: ruff check --fix --show-fixes
-        language: system
-        types: [python]
+        args: [--fix]
   - repo: local
     hooks:
       - id: pylint
@@ -131,12 +110,9 @@ repos:
           - -c
           - |
             TARGET_BRANCH=${GITHUB_BASE_REF:-master}
-            # Only fetch if we're not in CI (CI already has all refs)
-            if [ -z "$CI" ]; then
-              git fetch --no-recurse-submodules origin "$TARGET_BRANCH" 2>/dev/null || true
-            fi
-            BASE=$(git merge-base origin/"$TARGET_BRANCH" HEAD 2>/dev/null) || BASE="HEAD"
-            files=$(git diff --name-only --diff-filter=ACM "$BASE"..HEAD 2>/dev/null | grep '^superset/.*\.py$' || true)
+            git fetch origin "$TARGET_BRANCH"
+            BASE=$(git merge-base origin/"$TARGET_BRANCH" HEAD)
+            files=$(git diff --name-only --diff-filter=ACM "$BASE"..HEAD | grep '^superset/.*\.py$' || true)
             if [ -n "$files" ]; then
               pylint --rcfile=.pylintrc --load-plugins=superset.extensions.pylint --reports=no $files
             else

.pylintrc

@@ -53,7 +53,7 @@ extension-pkg-whitelist=pyarrow
 
 [MESSAGES CONTROL]
 disable=all
-enable=json-import,disallowed-sql-import,consider-using-transaction
+enable=disallowed-json-import,disallowed-sql-import,consider-using-transaction
 
 
 [REPORTS]

.rat-excludes

@@ -11,7 +11,6 @@
 .nvmrc
 .prettierrc
 .rat-excludes
-.swcrc
 .*log
 .*pyc
 .*lock
@@ -76,9 +75,6 @@ snowflake.svg
 ydb.svg
 loading.svg
 
-# docs third-party logos, i.e. docs/static/img/logos/*
-logos/*
-
 # docs-related
 erd.puml
 erd.svg
@@ -86,8 +82,6 @@ intro_header.txt
 
 # for LLMs
 llm-context.md
-llms.txt
-AGENTS.md
 LLMS.md
 CLAUDE.md
 CURSOR.md

CHANGELOG.md

@@ -49,4 +49,3 @@ under the License.
 - [4.1.3](./CHANGELOG/4.1.3.md)
 - [4.1.4](./CHANGELOG/4.1.4.md)
 - [5.0.0](./CHANGELOG/5.0.0.md)
-- [6.0.0](./CHANGELOG/6.0.0.md)

CLAUDE.md

@@ -1 +1 @@
-AGENTS.md
+LLMS.md

CONTRIBUTING.md

@@ -5,7 +5,7 @@
  regarding copyright ownership.  The ASF licenses this file
  to you under the Apache License, Version 2.0 (the
  "License"); you may not use this file except in compliance
- with the License.  You may obtain a copy of the License at
+ with the License. You may obtain a copy of the License at
 
    http://www.apache.org/licenses/LICENSE-2.0
 
@@ -16,23 +16,9 @@
  specific language governing permissions and limitations
  under the License.
 -->
-# Contributing to Apache Superset
-
 Contributions are welcome and are greatly appreciated! Every
 little bit helps, and credit will always be given.
 
-## Developer Portal
-
-All developer and contribution documentation has moved to the Apache Superset Developer Portal:
-
-**[📚 View the Developer Portal →](https://superset.apache.org/developer_portal/)**
-
-The Developer Portal includes comprehensive guides for:
-- [Contributing Overview](https://superset.apache.org/developer_portal/contributing/overview)
-- [Development Setup](https://superset.apache.org/developer_portal/contributing/development-setup)
-- [Submitting Pull Requests](https://superset.apache.org/developer_portal/contributing/submitting-pr)
-- [Contribution Guidelines](https://superset.apache.org/developer_portal/contributing/guidelines)
-- [Code Review Process](https://superset.apache.org/developer_portal/contributing/code-review)
-- [Development How-tos](https://superset.apache.org/developer_portal/contributing/howtos)
-
-Source for the Developer Portal documentation is [located here](https://github.com/apache/superset/tree/master/docs/developer_portal).
+All matters related to contributions have moved to [this section of
+the official Superset documentation](https://superset.apache.org/docs/contributing/). Source for the documentation is
+[located here](https://github.com/apache/superset/tree/master/docs/docs).

Dockerfile

@@ -18,7 +18,7 @@
 ######################################################################
 # Node stage to deal with static asset construction
 ######################################################################
-ARG PY_VER=3.11.14-slim-trixie
+ARG PY_VER=3.11.13-slim-trixie
 
 # If BUILDPLATFORM is null, set it to 'amd64' (or leave as is otherwise).
 ARG BUILDPLATFORM=${BUILDPLATFORM:-amd64}
@@ -26,9 +26,6 @@ ARG BUILDPLATFORM=${BUILDPLATFORM:-amd64}
 # Include translations in the final build
 ARG BUILD_TRANSLATIONS="false"
 
-# Build arg to pre-populate examples DuckDB file
-ARG LOAD_EXAMPLES_DUCKDB="false"
-
 ######################################################################
 # superset-node-ci used as a base for building frontend assets and CI
 ######################################################################
@@ -146,8 +143,8 @@ RUN if [ "${BUILD_TRANSLATIONS}" = "true" ]; then \
 ######################################################################
 FROM python-base AS python-common
 
-# Re-declare build arg to receive it in this stage
-ARG LOAD_EXAMPLES_DUCKDB
+# Build arg to pre-populate examples DuckDB file
+ARG LOAD_EXAMPLES_DUCKDB="false"
 
 ENV SUPERSET_HOME="/app/superset_home" \
     HOME="/app/superset_home" \
@@ -160,7 +157,7 @@ ENV SUPERSET_HOME="/app/superset_home" \
 COPY --chmod=755 docker/entrypoints /app/docker/entrypoints
 
 WORKDIR /app
-# Set up necessary directories
+# Set up necessary directories and user
 RUN mkdir -p \
       ${PYTHONPATH} \
       superset/static \
@@ -171,8 +168,6 @@ RUN mkdir -p \
     && touch superset/static/version_info.json
 
 # Install Playwright and optionally setup headless browsers
-ENV PLAYWRIGHT_BROWSERS_PATH=/usr/local/share/playwright-browsers
-
 ARG INCLUDE_CHROMIUM="false"
 ARG INCLUDE_FIREFOX="false"
 RUN --mount=type=cache,target=${SUPERSET_HOME}/.cache/uv \

GEMINI.md

@@ -1 +1 @@
-AGENTS.md
+LLMS.md

GPT.md

@@ -1 +1 @@
-AGENTS.md
+LLMS.md

LINTING_ARCHITECTURE.md

@@ -1,121 +0,0 @@
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements.  See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership.  The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied.  See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-
-# Superset Frontend Linting Architecture
-
-## Overview
-We use a hybrid linting approach combining OXC (fast, standard rules) with custom AST-based checks for Superset-specific patterns.
-
-## Components
-
-### 1. Primary Linter: OXC
-- **What**: Oxidation Compiler's linter (oxlint)
-- **Handles**: 95% of linting rules (standard ESLint rules, TypeScript, React, etc.)
-- **Speed**: ~50-100x faster than ESLint
-- **Config**: `oxlint.json`
-
-### 2. Custom Rule Checker
-- **What**: Node.js AST-based script
-- **Handles**: Superset-specific rules:
-  - No literal colors (use theme)
-  - No FontAwesome icons (use Icons component)
-  - No template vars in i18n
-- **Speed**: Fast enough for pre-commit
-- **Script**: `scripts/check-custom-rules.js`
-
-## Developer Workflow
-
-### Local Development
-```bash
-# Fast linting (OXC only)
-npm run lint
-
-# Full linting (OXC + custom rules)
-npm run lint:full
-
-# Auto-fix what's possible
-npm run lint-fix
-```
-
-### Pre-commit
-1. OXC runs first (via `scripts/oxlint.sh`)
-2. Custom rules check runs second (lightweight, AST-based)
-3. Both must pass for commit to succeed
-
-### CI Pipeline
-```yaml
-- name: Lint with OXC
-  run: npm run lint
-
-- name: Check custom rules
-  run: npm run check:custom-rules
-```
-
-## Why This Architecture?
-
-### ✅ Pros
-1. **No binary distribution issues** - ASF compatible
-2. **Fast performance** - OXC for bulk, lightweight script for custom
-3. **Maintainable** - Custom rules in JavaScript, not Rust
-4. **Flexible** - Can evolve as OXC adds plugin support
-5. **Cacheable** - Both OXC and Node.js are standard tools
-
-### ❌ Cons  
-1. **Two tools** - Slightly more complex than single linter
-2. **Duplicate parsing** - Files parsed twice (once by each tool)
-
-### 🔄 Migration Path
-When OXC supports JavaScript plugins:
-1. Convert `check-custom-rules.js` to OXC plugin format
-2. Consolidate back to single tool
-3. Keep same rules and developer experience
-
-## Implementation Checklist
-
-- [x] OXC for standard linting
-- [x] Pre-commit integration  
-- [ ] Custom rules script
-- [ ] Combine in npm scripts
-- [ ] Update CI pipeline
-- [ ] Developer documentation
-
-## Performance Targets
-
-| Operation | Target Time | Current |
-|-----------|------------|---------|
-| Pre-commit (changed files) | <2s | ✅ 1.5s |
-| Full lint (all files) | <10s | ✅ 8s |
-| Custom rules check | <5s | 🔄 TBD |
-
-## Caching Strategy
-
-### Local Development
-- OXC: Built-in incremental checking
-- Custom rules: Use file hash cache (similar to pytest cache)
-
-### CI
-- Cache `node_modules` (includes oxlint binary)
-- Cache custom rules results by commit hash
-- Skip unchanged files using git diff
-
-## Future Improvements
-
-1. **When OXC adds plugin support**: Migrate custom rules to OXC plugins
-2. **Consider Biome**: Another Rust-based linter with plugin support
-3. **AST sharing**: Investigate sharing AST between tools to avoid double parsing

LLMS.md

@@ -68,11 +68,7 @@ superset/
 
 ### Apache License Headers
 - **New files require ASF license headers** - When creating new code files, include the standard Apache Software Foundation license header
-- **LLM instruction files are excluded** - Files like AGENTS.md, CLAUDE.md, etc. are in `.rat-excludes` to avoid header token overhead
-
-### Code Comments
-- **Avoid time-specific language** - Don't use words like "now", "currently", "today" in code comments as they become outdated
-- **Write timeless comments** - Comments should remain accurate regardless of when they're read
+- **LLM instruction files are excluded** - Files like LLMS.md, CLAUDE.md, etc. are in `.rat-excludes` to avoid header token overhead
 
 ## Documentation Requirements
 

Makefile

@@ -18,7 +18,7 @@
 # Python version installed; we need 3.10-3.11
 PYTHON=`command -v python3.11 || command -v python3.10`
 
-.PHONY: install superset venv pre-commit up down logs ps nuke ports open
+.PHONY: install superset venv pre-commit
 
 install: superset pre-commit
 
@@ -112,28 +112,3 @@ report-celery-beat:
 
 admin-user:
 	superset fab create-admin
-
-# Docker Compose with auto-assigned ports (for running multiple instances)
-up:
-	./scripts/docker-compose-up.sh
-
-up-detached:
-	./scripts/docker-compose-up.sh -d
-
-down:
-	./scripts/docker-compose-up.sh down
-
-logs:
-	./scripts/docker-compose-up.sh logs -f
-
-ps:
-	./scripts/docker-compose-up.sh ps
-
-nuke:
-	./scripts/docker-compose-up.sh nuke
-
-ports:
-	./scripts/docker-compose-up.sh ports
-
-open:
-	./scripts/docker-compose-up.sh open

README.md

@@ -23,12 +23,8 @@ under the License.
 [![Latest Release on Github](https://img.shields.io/github/v/release/apache/superset?sort=semver)](https://github.com/apache/superset/releases/latest)
 [![Build Status](https://github.com/apache/superset/actions/workflows/superset-python-unittest.yml/badge.svg)](https://github.com/apache/superset/actions)
 [![PyPI version](https://badge.fury.io/py/apache_superset.svg)](https://badge.fury.io/py/apache_superset)
+[![Coverage Status](https://codecov.io/github/apache/superset/coverage.svg?branch=master)](https://codecov.io/github/apache/superset)
 [![PyPI](https://img.shields.io/pypi/pyversions/apache_superset.svg?maxAge=2592000)](https://pypi.python.org/pypi/apache_superset)
-[![GitHub Stars](https://img.shields.io/github/stars/apache/superset?style=social)](https://github.com/apache/superset/stargazers)
-[![Contributors](https://img.shields.io/github/contributors/apache/superset)](https://github.com/apache/superset/graphs/contributors)
-[![Last Commit](https://img.shields.io/github/last-commit/apache/superset)](https://github.com/apache/superset/commits/master)
-[![Open Issues](https://img.shields.io/github/issues/apache/superset)](https://github.com/apache/superset/issues)
-[![Open PRs](https://img.shields.io/github/issues-pr/apache/superset)](https://github.com/apache/superset/pulls)
 [![Get on Slack](https://img.shields.io/badge/slack-join-orange.svg)](http://bit.ly/join-superset-slack)
 [![Documentation](https://img.shields.io/badge/docs-apache.org-blue.svg)](https://superset.apache.org)
 
@@ -55,7 +51,7 @@ A modern, enterprise-ready business intelligence web application.
 [**Get Involved**](#get-involved) |
 [**Contributor Guide**](#contributor-guide) |
 [**Resources**](#resources) |
-[**Organizations Using Superset**](https://superset.apache.org/inTheWild)
+[**Organizations Using Superset**](https://github.com/apache/superset/blob/master/RESOURCES/INTHEWILD.md)
 
 ## Why Superset?
 
@@ -171,7 +167,7 @@ how to set up a development environment.
 
 ## Resources
 
-- [Superset "In the Wild"](https://superset.apache.org/inTheWild) - see who's using Superset, and [add your organization](https://github.com/apache/superset/edit/master/RESOURCES/INTHEWILD.yaml) to the list!
+- [Superset "In the Wild"](https://github.com/apache/superset/blob/master/RESOURCES/INTHEWILD.md) - open a PR to add your org to the list!
 - [Feature Flags](https://github.com/apache/superset/blob/master/RESOURCES/FEATURE_FLAGS.md) - the status of Superset's Feature Flags.
 - [Standard Roles](https://github.com/apache/superset/blob/master/RESOURCES/STANDARD_ROLES.md) - How RBAC permissions map to roles.
 - [Superset Wiki](https://github.com/apache/superset/wiki) - Tons of additional community resources: best practices, community content and other information.

RESOURCES/FEATURE_FLAGS.md

@@ -68,7 +68,7 @@ These features flags are **safe for production**. They have been tested and will
 
 ### Flags retained for runtime configuration
 
-Currently some of our feature flags act as dynamic configurations that can change
+Currently some of our feature flags act as dynamic configurations that can changed
 on the fly. This acts in contradiction with the typical ephemeral feature flag use case,
 where the flag is used to mature a feature, and eventually deprecated once the feature is
 solid. Eventually we'll likely refactor these under a more formal "dynamic configurations" managed

RESOURCES/INTHEWILD.md

@@ -0,0 +1,226 @@
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+## Superset Users in the Wild
+
+Here's a list of organizations, broken down into broad industry categories, that have taken the time to send a PR to let
+the world know they are using Apache Superset. If you are a user and want to be recognized,
+all you have to do is file a simple PR [like this one](https://github.com/apache/superset/pull/10122) — [just click here](https://github.com/apache/superset/edit/master/RESOURCES/INTHEWILD.md) to do so. If you think
+the categorization is inaccurate, please file a PR with your correction as well.
+Join our growing community!
+
+### Sharing Economy
+
+- [Airbnb](https://github.com/airbnb)
+- [Faasos](https://faasos.com/) [@shashanksingh]
+- [Free2Move](https://www.free2move.com/) [@PaoloTerzi]
+- [Hostnfly](https://www.hostnfly.com/) [@alexisrosuel]
+- [Lime](https://www.li.me/) [@cxmcc]
+- [Lyft](https://www.lyft.com/)
+- [Ontruck](https://www.ontruck.com/)
+
+### Financial Services
+
+- [Aktia Bank plc](https://www.aktia.com)
+- [American Express](https://www.americanexpress.com) [@TheLastSultan]
+- [bumper](https://www.bumper.co/) [@vasu-ram, @JamiePercival]
+- [Cape Crypto](https://capecrypto.com)
+- [Capital Service S.A.](https://capitalservice.pl) [@pkonarzewski]
+- [Clark.de](https://clark.de/)
+- [Europace](https://europace.de)
+- [KarrotPay](https://www.daangnpay.com/)
+- [Remita](https://remita.net) [@mujibishola]
+- [Taveo](https://www.taveo.com) [@codek]
+- [Unit](https://www.unit.co/about-us) [@amitmiran137]
+- [Wise](https://wise.com) [@koszti]
+- [Xendit](https://xendit.co/) [@LieAlbertTriAdrian]
+- [Cover Genius](https://covergenius.com/)
+
+### Gaming
+
+- [Popoko VM Games Studio](https://popoko.live)
+
+### E-Commerce
+
+- [AiHello](https://www.aihello.com) [@ganeshkrishnan1]
+- [Bazaar Technologies](https://www.bazaartech.com) [@umair-abro]
+- [Dragonpass](https://www.dragonpass.com.cn/) [@zhxjdwh]
+- [Dropit Shopping](https://www.dropit.shop/) [@dropit-dev]
+- [Fanatics](https://www.fanatics.com/) [@coderfender]
+- [Fordeal](https://www.fordeal.com) [@Renkai]
+- [Fynd](https://www.fynd.com/) [@darpanjain07]
+- [GFG - Global Fashion Group](https://global-fashion-group.com) [@ksaagariconic]
+- [GoTo/Gojek](https://www.gojek.io/) [@gwthm-in]
+- [HuiShouBao](https://www.huishoubao.com/) [@Yukinoshita-Yukino]
+- [Now](https://www.now.vn/) [@davidkohcw]
+- [Qunar](https://www.qunar.com/) [@flametest]
+- [Rakuten Viki](https://www.viki.com)
+- [Shopee](https://shopee.sg) [@xiaohanyu]
+- [Shopkick](https://www.shopkick.com) [@LAlbertalli]
+- [ShopUp](https://www.shopup.org/) [@gwthm-in]
+- [Tails.com](https://tails.com/gb/) [@alanmcruickshank]
+- [THE ICONIC](https://theiconic.com.au/) [@ksaagariconic]
+- [Utair](https://www.utair.ru) [@utair-digital]
+- [VkusVill](https://vkusvill.ru/) [@ETselikov]
+- [Zalando](https://www.zalando.com) [@dmigo]
+- [Zalora](https://www.zalora.com) [@ksaagariconic]
+- [Zepto](https://www.zeptonow.com/) [@gwthm-in]
+
+### Enterprise Technology
+
+- [A3Data](https://a3data.com.br) [@neylsoncrepalde]
+- [Analytics Aura](https://analyticsaura.com/) [@Analytics-Aura]
+- [Apollo GraphQL](https://www.apollographql.com/) [@evans]
+- [Astronomer](https://www.astronomer.io) [@ryw]
+- [Avesta Technologies](https://avestatechnologies.com/) [@TheRum]
+- [Caizin](https://caizin.com/) [@tejaskatariya]
+- [Canonical](https://canonical.com)
+- [Careem](https://www.careem.com/) [@samraHanif0340]
+- [Cloudsmith](https://cloudsmith.io) [@alancarson]
+- [Cyberhaven](https://www.cyberhaven.com/) [@toliver-ch]
+- [Deepomatic](https://deepomatic.com/) [@Zanoellia]
+- [Dial Once](https://www.dial-once.com/)
+- [Dremio](https://dremio.com) [@narendrans]
+- [EFinance](https://www.efinance.com.eg) [@habeeb556]
+- [Elestio](https://elest.io/) [@kaiwalyakoparkar]
+- [ELMO Cloud HR & Payroll](https://elmosoftware.com.au/)
+- [Endress+Hauser](https://www.endress.com/) [@rumbin]
+- [FBK - ICT center](https://ict.fbk.eu)
+- [Formbricks](https://formbricks.com)
+- [Gavagai](https://gavagai.io) [@gavagai-corp]
+- [GfK Data Lab](https://www.gfk.com/home) [@mherr]
+- [HPE](https://www.hpe.com/in/en/home.html) [@anmol-hpe]
+- [Hydrolix](https://www.hydrolix.io/)
+- [Intercom](https://www.intercom.com/) [@kate-gallo]
+- [jampp](https://jampp.com/)
+- [Konfío](https://konfio.mx) [@uis-rodriguez]
+- [Mainstrat](https://mainstrat.com/)
+- [mishmash io](https://mishmash.io/) [@mishmash-io]
+- [Myra Labs](https://www.myralabs.com/) [@viksit]
+- [Nielsen](https://www.nielsen.com/) [@amitNielsen]
+- [Ona](https://ona.io) [@pld]
+- [Orange](https://www.orange.com) [@icsu]
+- [Oslandia](https://oslandia.com)
+- [Oxylabs](https://oxylabs.io/) [@rytis-ulys]
+- [Peak AI](https://www.peak.ai/) [@azhar22k]
+- [PeopleDoc](https://www.people-doc.com) [@rodo]
+- [PlaidCloud](https://www.plaidcloud.com)
+- [Preset, Inc.](https://preset.io)
+- [PubNub](https://pubnub.com) [@jzucker2]
+- [ReadyTech](https://www.readytech.io)
+- [Reward Gateway](https://www.rewardgateway.com)
+- [RIADVICE](https://riadvice.tn) [@riadvice]
+- [ScopeAI](https://www.getscopeai.com) [@iloveluce]
+- [shipmnts](https://shipmnts.com)
+- [Showmax](https://showmax.com) [@bobek]
+- [SingleStore](https://www.singlestore.com/)
+- [TechAudit](https://www.techaudit.info) [@ETselikov]
+- [Tenable](https://www.tenable.com) [@dflionis]
+- [Tentacle](https://www.linkedin.com/company/tentacle-cmi/) [@jdclarke5]
+- [timbr.ai](https://timbr.ai/) [@semantiDan]
+- [Tobii](https://www.tobii.com/) [@dwa]
+- [Tooploox](https://www.tooploox.com/) [@jakubczaplicki]
+- [Unvired](https://unvired.com) [@srinisubramanian]
+- [Virtuoso QA](https://www.virtuosoqa.com)
+- [Whale](https://whale.im)
+- [Windsor.ai](https://www.windsor.ai/) [@octaviancorlade]
+- [WinWin Network马上赢](https://brandct.cn/) [@wenbinye]
+- [Zeta](https://www.zeta.tech/) [@shaikidris]
+
+### Media & Entertainment
+
+- [6play](https://www.6play.fr) [@CoryChaplin]
+- [bilibili](https://www.bilibili.com) [@Moinheart]
+- [BurdaForward](https://www.burda-forward.de/en/)
+- [Douban](https://www.douban.com/) [@luchuan]
+- [Kuaishou](https://www.kuaishou.com/) [@zhaoyu89730105]
+- [Netflix](https://www.netflix.com/)
+- [Prensa Iberica](https://www.prensaiberica.es/) [@zamar-roura]
+- [TME QQMUSIC/WESING](https://www.tencentmusic.com/) [@shenyuanli,@marklaw]
+- [Xite](https://xite.com/) [@shashankkoppar]
+- [Zaihang](https://www.zaih.com/)
+
+### Education
+
+- [Aveti Learning](https://avetilearning.com/) [@TheShubhendra]
+- [Brilliant.org](https://brilliant.org/)
+- [Open edX](https://openedx.org/)
+- [Platzi.com](https://platzi.com/)
+- [Sunbird](https://www.sunbird.org/) [@eksteporg]
+- [The GRAPH Network](https://thegraphnetwork.org/) [@fccoelho]
+- [Udemy](https://www.udemy.com/) [@sungjuly]
+- [VIPKID](https://www.vipkid.com.cn/) [@illpanda]
+- [WikiMedia Foundation](https://wikimediafoundation.org) [@vg]
+
+### Energy
+
+- [Airboxlab](https://foobot.io) [@antoine-galataud]
+- [DouroECI](https://www.douroeci.com/) [@nunohelibeires]
+- [Safaricom](https://www.safaricom.co.ke/) [@mmutiso]
+- [Scoot](https://scoot.co/) [@haaspt]
+- [Wattbewerb](https://wattbewerb.de/) [@wattbewerb]
+
+### Healthcare
+
+- [Amino](https://amino.com) [@shkr]
+- [Bluesquare](https://www.bluesquarehub.com/) [@madewulf]
+- [Care](https://www.getcare.io/) [@alandao2021]
+- [Living Goods](https://www.livinggoods.org) [@chelule]
+- [Maieutical Labs](https://maieuticallabs.it) [@xrmx]
+- [Medic](https://medic.org) [@1yuv]
+- [REDCap Cloud](https://www.redcapcloud.com/)
+- [TrustMedis](https://trustmedis.com/) [@famasya]
+- [WeSure](https://www.wesure.cn/)
+- [2070Health](https://2070health.com/)
+
+### HR / Staffing
+
+- [Swile](https://www.swile.co/) [@PaoloTerzi]
+- [Symmetrics](https://www.symmetrics.fyi)
+- [bluquist](https://bluquist.com/)
+
+### Government
+
+- [City of Ann Arbor, MI](https://www.a2gov.org/) [@sfirke]
+- [RIS3 Strategy of CZ, MIT CR](https://www.ris3.cz/) [@RIS3CZ]
+- [NRLM - Sarathi, India](https://pib.gov.in/PressReleasePage.aspx?PRID=1999586)
+
+### Travel
+
+- [Agoda](https://www.agoda.com/) [@lostseaway, @maiake, @obombayo]
+- [HomeToGo](https://hometogo.com/) [@pedromartinsteenstrup]
+- [Skyscanner](https://www.skyscanner.net/) [@cleslie, @stanhoucke]
+
+### Others
+
+- [10Web](https://10web.io/)
+- [AI inside](https://inside.ai/en/)
+- [Automattic](https://automattic.com/) [@Khrol, @Usiel]
+- [Dropbox](https://www.dropbox.com/) [@bkyryliuk]
+- [Flowbird](https://flowbird.com) [@EmmanuelCbd]
+- [GEOTAB](https://www.geotab.com) [@JZ6]
+- [Grassroot](https://www.grassrootinstitute.org/)
+- [Increff](https://www.increff.com/) [@ishansinghania]
+- [komoot](https://www.komoot.com/) [@christophlingg]
+- [Let's Roam](https://www.letsroam.com/)
+- [Machrent SA](https://www.machrent.com/)
+- [Onebeat](https://1beat.com/) [@GuyAttia]
+- [X](https://x.com/)
+- [VLMedia](https://www.vlmedia.com.tr/) [@ibotheperfect]
+- [Yahoo!](https://yahoo.com/)

RESOURCES/INTHEWILD.yaml

@@ -1,678 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# Apache Superset Users in the Wild
-#
-# To add your organization:
-# 1. Find the appropriate category (or add a new one)
-# 2. Add an entry with your organization details
-# 3. Optionally add a logo file to docs/static/img/logos/
-#
-# Required fields:
-#   - name: Your organization name
-#   - url: Link to your organization's website
-#
-# Optional fields:
-#   - logo: Filename of logo in docs/static/img/logos/ (e.g., "mycompany.svg")
-#   - contributors: List of GitHub usernames who contributed (e.g., ["@username"])
-
-categories:
-  Sharing Economy:
-    - name: Airbnb
-      url: https://github.com/airbnb
-
-    - name: Faasos
-      url: https://faasos.com/
-      contributors: ["@shashanksingh"]
-
-    - name: Free2Move
-      url: https://www.free2move.com/
-      contributors: ["@PaoloTerzi"]
-
-    - name: Hostnfly
-      url: https://www.hostnfly.com/
-      contributors: ["@alexisrosuel"]
-
-    - name: Lime
-      url: https://www.li.me/
-      contributors: ["@cxmcc"]
-
-    - name: Lyft
-      url: https://www.lyft.com/
-
-    - name: Ontruck
-      url: https://www.ontruck.com/
-
-  Financial Services:
-    - name: Aktia Bank plc
-      url: https://www.aktia.com
-
-    - name: American Express
-      url: https://www.americanexpress.com
-      contributors: ["@TheLastSultan"]
-
-    - name: bumper
-      url: https://www.bumper.co/
-      contributors: ["@vasu-ram", "@JamiePercival"]
-
-    - name: Cape Crypto
-      url: https://capecrypto.com
-
-    - name: Capital Service S.A.
-      url: https://capitalservice.pl
-      contributors: ["@pkonarzewski"]
-
-    - name: Clark.de
-      url: https://clark.de/
-
-    - name: EnquiryLabs
-      url: https://www.enquirylabs.co.uk
-
-    - name: Europace
-      url: https://europace.de
-
-    - name: KarrotPay
-      url: https://www.daangnpay.com/
-
-    - name: Remita
-      url: https://remita.net
-      contributors: ["@mujibishola"]
-
-    - name: Taveo
-      url: https://www.taveo.com
-      contributors: ["@codek"]
-
-    - name: Unit
-      url: https://www.unit.co/about-us
-      contributors: ["@amitmiran137"]
-
-    - name: Wise
-      url: https://wise.com
-      contributors: ["@koszti"]
-
-    - name: Xendit
-      url: https://xendit.co/
-      contributors: ["@LieAlbertTriAdrian"]
-
-    - name: Cover Genius
-      url: https://covergenius.com/
-
-  Gaming:
-    - name: Popoko VM Games Studio
-      url: https://popoko.live
-
-  E-Commerce:
-    - name: AiHello
-      url: https://www.aihello.com
-      contributors: ["@ganeshkrishnan1"]
-
-    - name: Bazaar Technologies
-      url: https://www.bazaartech.com
-      contributors: ["@umair-abro"]
-
-    - name: Blinkit
-      url: https://www.blinkit.com/
-      contributors: ["@amsharm2"]
-
-    - name: Dragonpass
-      url: https://www.dragonpass.com.cn/
-      contributors: ["@zhxjdwh"]
-
-    - name: Dropit Shopping
-      url: https://www.dropit.shop/
-      contributors: ["@dropit-dev"]
-
-    - name: Fanatics
-      url: https://www.fanatics.com/
-      contributors: ["@coderfender"]
-
-    - name: Fordeal
-      url: https://www.fordeal.com
-      contributors: ["@Renkai"]
-
-    - name: Fynd
-      url: https://www.fynd.com/
-      contributors: ["@darpanjain07"]
-
-    - name: GFG - Global Fashion Group
-      url: https://global-fashion-group.com
-      contributors: ["@ksaagariconic"]
-
-    - name: GoTo/Gojek
-      url: https://www.gojek.io/
-      contributors: ["@gwthm-in"]
-
-    - name: HuiShouBao
-      url: https://www.huishoubao.com/
-      contributors: ["@Yukinoshita-Yukino"]
-
-    - name: Now
-      url: https://www.now.vn/
-      contributors: ["@davidkohcw"]
-
-    - name: Qunar
-      url: https://www.qunar.com/
-      contributors: ["@flametest"]
-
-    - name: Rakuten Viki
-      url: https://www.viki.com
-
-    - name: Shopee
-      url: https://shopee.sg
-      contributors: ["@xiaohanyu"]
-
-    - name: Shopkick
-      url: https://www.shopkick.com
-      contributors: ["@LAlbertalli"]
-
-    - name: ShopUp
-      url: https://www.shopup.org/
-      contributors: ["@gwthm-in"]
-
-    - name: Tails.com
-      url: https://tails.com/gb/
-      contributors: ["@alanmcruickshank"]
-
-    - name: THE ICONIC
-      url: https://theiconic.com.au/
-      contributors: ["@ksaagariconic"]
-
-    - name: Utair
-      url: https://www.utair.ru
-      contributors: ["@utair-digital"]
-
-    - name: VkusVill
-      url: https://vkusvill.ru/
-      contributors: ["@ETselikov"]
-
-    - name: Zalando
-      url: https://www.zalando.com
-      contributors: ["@dmigo"]
-
-    - name: Zalora
-      url: https://www.zalora.com
-      contributors: ["@ksaagariconic"]
-
-    - name: Zepto
-      url: https://www.zeptonow.com/
-      contributors: ["@gwthm-in"]
-
-  Enterprise Technology:
-    - name: A3Data
-      url: https://a3data.com.br
-      contributors: ["@neylsoncrepalde"]
-
-    - name: Analytics Aura
-      url: https://analyticsaura.com/
-      contributors: ["@Analytics-Aura"]
-
-    - name: Apollo GraphQL
-      url: https://www.apollographql.com/
-      contributors: ["@evans"]
-
-    - name: Astronomer
-      url: https://www.astronomer.io
-      contributors: ["@ryw"]
-
-    - name: Avesta Technologies
-      url: https://avestatechnologies.com/
-      contributors: ["@TheRum"]
-
-    - name: Caizin
-      url: https://caizin.com/
-      contributors: ["@tejaskatariya"]
-
-    - name: Canonical
-      url: https://canonical.com
-
-    - name: Careem
-      url: https://www.careem.com/
-      contributors: ["@samraHanif0340"]
-
-    - name: Cloudsmith
-      url: https://cloudsmith.io
-      contributors: ["@alancarson"]
-
-    - name: Cyberhaven
-      url: https://www.cyberhaven.com/
-      contributors: ["@toliver-ch"]
-
-    - name: Deepomatic
-      url: https://deepomatic.com/
-      contributors: ["@Zanoellia"]
-
-    - name: Dial Once
-      url: https://www.dial-once.com/
-
-    - name: Dremio
-      url: https://dremio.com
-      contributors: ["@narendrans"]
-
-    - name: EFinance
-      url: https://www.efinance.com.eg
-      contributors: ["@habeeb556"]
-
-    - name: Elestio
-      url: https://elest.io/
-      contributors: ["@kaiwalyakoparkar"]
-
-    - name: ELMO Cloud HR & Payroll
-      url: https://elmosoftware.com.au/
-
-    - name: Endress+Hauser
-      url: https://www.endress.com/
-      contributors: ["@rumbin"]
-
-    - name: FBK - ICT center
-      url: https://ict.fbk.eu
-
-    - name: Formbricks
-      url: https://formbricks.com
-
-    - name: Gavagai
-      url: https://gavagai.io
-      contributors: ["@gavagai-corp"]
-
-    - name: GfK Data Lab
-      url: https://www.gfk.com/home
-      contributors: ["@mherr"]
-
-    - name: HPE
-      url: https://www.hpe.com/in/en/home.html
-      contributors: ["@anmol-hpe"]
-
-    - name: Hydrolix
-      url: https://www.hydrolix.io/
-
-    - name: Intercom
-      url: https://www.intercom.com/
-      contributors: ["@kate-gallo"]
-
-    - name: jampp
-      url: https://jampp.com/
-
-    - name: Konfío
-      url: https://konfio.mx
-      contributors: ["@uis-rodriguez"]
-
-    - name: Mainstrat
-      url: https://mainstrat.com/
-
-    - name: mishmash io
-      url: https://mishmash.io/
-      contributors: ["@mishmash-io"]
-
-    - name: Myra Labs
-      url: https://www.myralabs.com/
-      contributors: ["@viksit"]
-
-    - name: Nielsen
-      url: https://www.nielsen.com/
-      contributors: ["@amitNielsen"]
-
-    - name: Ona
-      url: https://ona.io
-      contributors: ["@pld"]
-
-    - name: Orange
-      url: https://www.orange.com
-      contributors: ["@icsu"]
-
-    - name: Oslandia
-      url: https://oslandia.com
-
-    - name: Oxylabs
-      url: https://oxylabs.io/
-      contributors: ["@rytis-ulys"]
-
-    - name: Peak AI
-      url: https://www.peak.ai/
-      contributors: ["@azhar22k"]
-
-    - name: PeopleDoc
-      url: https://www.people-doc.com
-      contributors: ["@rodo"]
-
-    - name: PlaidCloud
-      url: https://plaidcloud.com
-      logo: plaidcloud.svg
-      contributors: ["@rad-pat"]
-
-    - name: Preset, Inc.
-      url: https://preset.io
-      logo: preset.svg
-      contributors: ["@mistercrunch", "@betodealmeida", "@dpgaspar", "@rusackas", "@sadpandajoe", "@Vitor-Avila", "@kgabryje", "@geido", "@eschutho", "@Antonio-RiveroMartnez", "@yousoph"]
-
-    - name: PubNub
-      url: https://pubnub.com
-      contributors: ["@jzucker2"]
-
-    - name: ReadyTech
-      url: https://www.readytech.io
-
-    - name: Reward Gateway
-      url: https://www.rewardgateway.com
-
-    - name: RIADVICE
-      url: https://riadvice.tn
-      contributors: ["@riadvice"]
-
-    - name: ScopeAI
-      url: https://www.getscopeai.com
-      contributors: ["@iloveluce"]
-
-    - name: shipmnts
-      url: https://shipmnts.com
-
-    - name: Showmax
-      url: https://showmax.com
-      contributors: ["@bobek"]
-
-    - name: SingleStore
-      url: https://www.singlestore.com/
-
-    - name: TechAudit
-      url: https://www.techaudit.info
-      contributors: ["@ETselikov"]
-
-    - name: Tenable
-      url: https://www.tenable.com
-      contributors: ["@dflionis"]
-
-    - name: Tentacle
-      url: https://www.linkedin.com/company/tentacle-cmi/
-      contributors: ["@jdclarke5"]
-
-    - name: timbr.ai
-      url: https://timbr.ai/
-      contributors: ["@semantiDan"]
-
-    - name: Tobii
-      url: https://www.tobii.com/
-      contributors: ["@dwa"]
-
-    - name: Tooploox
-      url: https://www.tooploox.com/
-      contributors: ["@jakubczaplicki"]
-
-    - name: Unvired
-      url: https://unvired.com
-      contributors: ["@srinisubramanian"]
-
-    - name: UserGuiding
-      url: https://userguiding.com/
-      logo: userguiding.svg
-      contributors: ["@tzercin"]
-
-    - name: Virtuoso QA
-      url: https://www.virtuosoqa.com
-
-    - name: Whale
-      url: https://whale.im
-
-    - name: Windsor.ai
-      url: https://www.windsor.ai/
-      contributors: ["@octaviancorlade"]
-
-    - name: WinWin Network马上赢
-      url: https://brandct.cn/
-      contributors: ["@wenbinye"]
-
-    - name: Zeta
-      url: https://www.zeta.tech/
-      contributors: ["@shaikidris"]
-
-  Media & Entertainment:
-    - name: 6play
-      url: https://www.6play.fr
-      contributors: ["@CoryChaplin"]
-
-    - name: bilibili
-      url: https://www.bilibili.com
-      contributors: ["@Moinheart"]
-
-    - name: BurdaForward
-      url: https://www.burda-forward.de/en/
-
-    - name: Douban
-      url: https://www.douban.com/
-      contributors: ["@luchuan"]
-
-    - name: Kuaishou
-      url: https://www.kuaishou.com/
-      contributors: ["@zhaoyu89730105"]
-
-    - name: Netflix
-      url: https://www.netflix.com/
-
-    - name: Prensa Iberica
-      url: https://www.prensaiberica.es/
-      contributors: ["@zamar-roura"]
-
-    - name: TME QQMUSIC/WESING
-      url: https://www.tencentmusic.com/
-      contributors: ["@shenyuanli", "@marklaw"]
-
-    - name: Xite
-      url: https://xite.com/
-      contributors: ["@shashankkoppar"]
-
-    - name: Zaihang
-      url: https://www.zaih.com/
-
-  Education:
-    - name: Aveti Learning
-      url: https://avetilearning.com/
-      contributors: ["@TheShubhendra"]
-
-    - name: Brilliant.org
-      url: https://brilliant.org/
-
-    - name: Cirrus Assessment
-      url: https://cirrusassessment.com/
-      logo: cirrus.svg
-      contributors: ["@jeroenhabets", "@ddmm-white", "@paulrocost"]
-
-    - name: Open edX
-      url: https://openedx.org/
-
-    - name: Platzi.com
-      url: https://platzi.com/
-
-    - name: Sunbird
-      url: https://www.sunbird.org/
-      contributors: ["@eksteporg"]
-
-    - name: The GRAPH Network
-      url: https://thegraphnetwork.org/
-      contributors: ["@fccoelho"]
-
-    - name: Udemy
-      url: https://www.udemy.com/
-      contributors: ["@sungjuly"]
-
-    - name: VIPKID
-      url: https://www.vipkid.com.cn/
-      contributors: ["@illpanda"]
-
-    - name: WikiMedia Foundation
-      url: https://wikimediafoundation.org
-      contributors: ["@vg"]
-
-  Energy:
-    - name: Airboxlab
-      url: https://foobot.io
-      contributors: ["@antoine-galataud"]
-
-    - name: DouroECI
-      url: https://www.douroeci.com/
-      contributors: ["@nunohelibeires"]
-
-    - name: Safaricom
-      url: https://www.safaricom.co.ke/
-      contributors: ["@mmutiso"]
-
-    - name: Scoot
-      url: https://scoot.co/
-      contributors: ["@haaspt"]
-
-    - name: Wattbewerb
-      url: https://wattbewerb.de/
-      contributors: ["@wattbewerb"]
-
-    - name: Rogow
-      url: https://rogow.com.br/
-      contributors: ["@nilmonto"]
-
-  Healthcare:
-    - name: Amino
-      url: https://amino.com
-      contributors: ["@shkr"]
-
-    - name: Bluesquare
-      url: https://www.bluesquarehub.com/
-      contributors: ["@madewulf"]
-
-    - name: Care
-      url: https://www.getcare.io/
-      contributors: ["@alandao2021"]
-
-    - name: Living Goods
-      url: https://www.livinggoods.org
-      contributors: ["@chelule"]
-
-    - name: Maieutical Labs
-      url: https://maieuticallabs.it
-      contributors: ["@xrmx"]
-
-    - name: Medic
-      url: https://medic.org
-      contributors: ["@1yuv"]
-
-    - name: REDCap Cloud
-      url: https://www.redcapcloud.com/
-
-    - name: TrustMedis
-      url: https://trustmedis.com/
-      contributors: ["@famasya"]
-
-    - name: WeSure
-      url: https://www.wesure.cn/
-
-    - name: 2070Health
-      url: https://2070health.com/
-
-  HR / Staffing:
-    - name: Swile
-      url: https://www.swile.co/
-      contributors: ["@PaoloTerzi"]
-
-    - name: Symmetrics
-      url: https://www.symmetrics.fyi
-
-    - name: bluquist
-      url: https://bluquist.com/
-
-  Government:
-    - name: City of Ann Arbor, MI
-      url: https://www.a2gov.org/
-      contributors: ["@sfirke"]
-
-    - name: RIS3 Strategy of CZ, MIT CR
-      url: https://www.ris3.cz/
-      contributors: ["@RIS3CZ"]
-
-    - name: NRLM - Sarathi, India
-      url: https://pib.gov.in/PressReleasePage.aspx?PRID=1999586
-
-  Mobile Software:
-    - name: VLMedia
-      url: https://www.vlmedia.com.tr
-      logo: vlmedia.svg
-      contributors: ["@iercan"]
-
-  Travel:
-    - name: Agoda
-      url: https://www.agoda.com/
-      contributors: ["@lostseaway", "@maiake", "@obombayo"]
-
-    - name: HomeToGo
-      url: https://hometogo.com/
-      contributors: ["@pedromartinsteenstrup"]
-
-    - name: Skyscanner
-      url: https://www.skyscanner.net/
-      contributors: ["@cleslie", "@stanhoucke"]
-
-  Logistics:
-    - name: Stockarea
-      url: https://stockarea.io
-
-  Others:
-    - name: 10Web
-      url: https://10web.io/
-
-    - name: AI inside
-      url: https://inside.ai/en/
-
-    - name: Automattic
-      url: https://automattic.com/
-      contributors: ["@Khrol", "@Usiel"]
-
-    - name: Dropbox
-      url: https://www.dropbox.com/
-      contributors: ["@bkyryliuk"]
-
-    - name: Flowbird
-      url: https://flowbird.com
-      contributors: ["@EmmanuelCbd"]
-
-    - name: GEOTAB
-      url: https://www.geotab.com
-      contributors: ["@JZ6"]
-
-    - name: Grassroot
-      url: https://www.grassrootinstitute.org/
-
-    - name: HOLLYLAND猛玛
-      url: https://www.hollyland.com
-      logo: hollyland猛玛.svg
-      contributors: ["@hlyda0601"]
-
-    - name: Increff
-      url: https://www.increff.com/
-      contributors: ["@ishansinghania"]
-
-    - name: komoot
-      url: https://www.komoot.com/
-      contributors: ["@christophlingg"]
-
-    - name: Let's Roam
-      url: https://www.letsroam.com/
-
-    - name: Machrent SA
-      url: https://www.machrent.com/
-
-    - name: Onebeat
-      url: https://1beat.com/
-      contributors: ["@GuyAttia"]
-
-    - name: X
-      url: https://x.com/
-
-    - name: Yahoo!
-      url: https://yahoo.com/

RESOURCES/STANDARD_ROLES.md

@@ -17,193 +17,192 @@ specific language governing permissions and limitations
 under the License.
 -->
 
-|                                                  |Admin|Alpha|Gamma|Public|SQL_LAB|
-|--------------------------------------------------|---|---|---|---|---|
-| Permission/role description                      |Admins have all possible rights, including granting or revoking rights from other users and altering other people's slices and dashboards.|Alpha users have access to all data sources, but they cannot grant or revoke access from other users. They are also limited to altering the objects that they own. Alpha users can add and alter data sources.|Gamma users have limited access. They can only consume data coming from data sources they have been given access to through another complementary role. They only have access to view the slices and dashboards made from data sources that they have access to. Currently Gamma users are not able to alter or add data sources. We assume that they are mostly content consumers, though they can create slices and dashboards.|Public is the most restrictive built-in role, designed for anonymous/unauthenticated users viewing public dashboards. It provides minimal read-only access for dashboard viewing with interactive filters. Use `PUBLIC_ROLE_LIKE = "Public"` to apply these permissions to anonymous users.|The sql_lab role grants access to SQL Lab. Note that while Admin users have access to all databases by default, both Alpha and Gamma users need to be given access on a per database basis.||
-| can read on SavedQuery                           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can write on SavedQuery                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can read on CssTemplate                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can write on CssTemplate                         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can read on ReportSchedule                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can write on ReportSchedule                      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can read on Chart                                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can write on Chart                               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can read on Annotation                           |:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|O|
-| can write on Annotation                          |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| can read on AnnotationLayerRestApi               |:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|O|
-| can read on Dataset                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can write on Dataset                             |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| can read on Log                                  |:heavy_check_mark:|O|O|O|O|
-| can write on Log                                 |:heavy_check_mark:|O|O|O|O|
-| can read on Dashboard                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can write on Dashboard                           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can read on Database                             |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can write on Database                            |:heavy_check_mark:|O|O|O|O|
-| can read on Query                                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can this form get on ResetPasswordView           |:heavy_check_mark:|O|O|O|O|
-| can this form post on ResetPasswordView          |:heavy_check_mark:|O|O|O|O|
-| can this form get on ResetMyPasswordView         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can this form post on ResetMyPasswordView        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can this form get on UserInfoEditView            |:heavy_check_mark:|O|O|O|O|
-| can this form post on UserInfoEditView           |:heavy_check_mark:|O|O|O|O|
-| can show on UserDBModelView                      |:heavy_check_mark:|O|O|O|O|
-| can edit on UserDBModelView                      |:heavy_check_mark:|O|O|O|O|
-| can delete on UserDBModelView                    |:heavy_check_mark:|O|O|O|O|
-| can add on UserDBModelView                       |:heavy_check_mark:|O|O|O|O|
-| can list on UserDBModelView                      |:heavy_check_mark:|O|O|O|O|
-| can userinfo on UserDBModelView                  |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| resetmypassword on UserDBModelView               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| resetpasswords on UserDBModelView                |:heavy_check_mark:|O|O|O|O|
-| userinfoedit on UserDBModelView                  |:heavy_check_mark:|O|O|O|O|
-| can show on RoleModelView                        |:heavy_check_mark:|O|O|O|O|
-| can edit on RoleModelView                        |:heavy_check_mark:|O|O|O|O|
-| can delete on RoleModelView                      |:heavy_check_mark:|O|O|O|O|
-| can add on RoleModelView                         |:heavy_check_mark:|O|O|O|O|
-| can list on RoleModelView                        |:heavy_check_mark:|O|O|O|O|
-| copyrole on RoleModelView                        |:heavy_check_mark:|O|O|O|O|
-| can get on OpenApi                               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can show on SwaggerView                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can get on MenuApi                               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can list on AsyncEventsRestApi                   |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can invalidate on CacheRestApi                   |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can csv upload on Database                       |:heavy_check_mark:|O|O|O|O|
-| can excel upload on Database                     |:heavy_check_mark:|O|O|O|O|
-| can query form data on Api                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can query on Api                                 |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can time range on Api                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can external metadata on Datasource              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can save on Datasource                           |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| can get on Datasource                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can my queries on SqlLab                         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can log on Superset                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can import dashboards on Superset                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can schemas on Superset                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can sqllab history on Superset                   |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can publish on Superset                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can csv on Superset                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can slice on Superset                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can sync druid source on Superset                |:heavy_check_mark:|O|O|O|O|
-| can explore on Superset                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can approve on Superset                          |:heavy_check_mark:|O|O|O|O|
-| can explore json on Superset                     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can fetch datasource metadata on Superset        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can csrf token on Superset                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can sqllab on Superset                           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can select star on Superset                      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can warm up cache on Superset                    |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can sqllab table viz on Superset                 |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can available domains on Superset                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can request access on Superset                   |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can dashboard on Superset                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can post on TableSchemaView                      |:heavy_check_mark:|O|O|O|:heavy_check_mark:|
-| can expanded on TableSchemaView                  |:heavy_check_mark:|O|O|O|:heavy_check_mark:|
-| can delete on TableSchemaView                    |:heavy_check_mark:|O|O|O|:heavy_check_mark:|
-| can get on TabStateView                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can post on TabStateView                         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can delete query on TabStateView                 |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can migrate query on TabStateView                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can activate on TabStateView                     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can delete on TabStateView                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can put on TabStateView                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can read on SecurityRestApi                      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| menu access on Security                          |:heavy_check_mark:|O|O|O|O|
-| menu access on List Users                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on List Roles                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Action Log                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Manage                            |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| menu access on Annotation Layers                 |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on CSS Templates                     |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| menu access on Import Dashboards                 |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Data                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Databases                         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Datasets                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Charts                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Dashboards                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on SQL Lab                           |:heavy_check_mark:|O|O|O|:heavy_check_mark:|
-| menu access on SQL Editor                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| menu access on Saved Queries                     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| menu access on Query Search                      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| all datasource access on all_datasource_access   |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| all database access on all_database_access       |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| all query access on all_query_access             |:heavy_check_mark:|O|O|O|O|
-| can write on DynamicPlugin                       |:heavy_check_mark:|O|O|O|O|
-| can edit on DynamicPlugin                        |:heavy_check_mark:|O|O|O|O|
-| can list on DynamicPlugin                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can show on DynamicPlugin                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can download on DynamicPlugin                    |:heavy_check_mark:|O|O|O|O|
-| can add on DynamicPlugin                         |:heavy_check_mark:|O|O|O|O|
-| can delete on DynamicPlugin                      |:heavy_check_mark:|O|O|O|O|
-| can external metadata by name on Datasource      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can get value on KV                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can store on KV                                  |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can tagged objects on TagView                    |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can suggestions on TagView                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can get on TagView                               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can post on TagView                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can delete on TagView                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can edit on DashboardEmailScheduleView           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can list on DashboardEmailScheduleView           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can show on DashboardEmailScheduleView           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can add on DashboardEmailScheduleView            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can delete on DashboardEmailScheduleView         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| muldelete on DashboardEmailScheduleView          |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| can edit on SliceEmailScheduleView               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can list on SliceEmailScheduleView               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can show on SliceEmailScheduleView               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can add on SliceEmailScheduleView                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can delete on SliceEmailScheduleView             |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| muldelete on SliceEmailScheduleView              |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| can edit on AlertModelView                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can list on AlertModelView                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can show on AlertModelView                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can add on AlertModelView                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can delete on AlertModelView                     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can list on AlertLogModelView                    |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can show on AlertLogModelView                    |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can list on AlertObservationModelView            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can show on AlertObservationModelView            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Row Level Security                |:heavy_check_mark:|O|O|O|O|
-| menu access on Access requests                   |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Home                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Plugins                           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Dashboard Email Schedules         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Chart Emails                      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Alerts                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Alerts & Report                   |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| menu access on Scan New Datasources              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can share dashboard on Superset                  |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can share chart on Superset                      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can this form get on ColumnarToDatabaseView      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can this form post on ColumnarToDatabaseView     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can export on Chart                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can write on DashboardFilterStateRestApi         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can read on DashboardFilterStateRestApi          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can write on DashboardPermalinkRestApi           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can read on DashboardPermalinkRestApi            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can delete embedded on Dashboard                 |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can set embedded on Dashboard                    |:heavy_check_mark:|O|O|O|O|
-| can export on Dashboard                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can get embedded on Dashboard                    |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can export on Database                           |:heavy_check_mark:|O|O|O|O|
-| can export on Dataset                            |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| can write on ExploreFormDataRestApi              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can read on ExploreFormDataRestApi               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can write on ExplorePermalinkRestApi             |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can read on ExplorePermalinkRestApi              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can export on ImportExportRestApi                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can import on ImportExportRestApi                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can export on SavedQuery                         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|:heavy_check_mark:|
-| can dashboard permalink on Superset              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can grant guest token on SecurityRestApi         |:heavy_check_mark:|O|O|O|O|
-| can read on AdvancedDataType                     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can read on EmbeddedDashboard                    |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
-| can duplicate on Dataset                         |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| can read on Explore                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can samples on Datasource                        |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| can read on AvailableDomains                     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
-| can get or create dataset on Dataset             |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| can get column values on Datasource              |:heavy_check_mark:|:heavy_check_mark:|O|O|O|
-| can export csv on SQLLab                         |:heavy_check_mark:|O|O|O|:heavy_check_mark:|
-| can get results on SQLLab                        |:heavy_check_mark:|O|O|O|:heavy_check_mark:|
-| can execute sql query on SQLLab                  |:heavy_check_mark:|O|O|O|:heavy_check_mark:|
-| can recent activity on Log                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|O|
+|                                                  |Admin|Alpha|Gamma|SQL_LAB|
+|--------------------------------------------------|---|---|---|---|
+| Permission/role description                      |Admins have all possible rights, including granting or revoking rights from other users and altering other people’s slices and dashboards.|Alpha users have access to all data sources, but they cannot grant or revoke access from other users. They are also limited to altering the objects that they own. Alpha users can add and alter data sources.|Gamma users have limited access. They can only consume data coming from data sources they have been given access to through another complementary role. They only have access to view the slices and dashboards made from data sources that they have access to. Currently Gamma users are not able to alter or add data sources. We assume that they are mostly content consumers, though they can create slices and dashboards.|The sql_lab role grants access to SQL Lab. Note that while Admin users have access to all databases by default, both Alpha and Gamma users need to be given access on a per database basis.||
+| can read on SavedQuery                           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can write on SavedQuery                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can read on CssTemplate                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can write on CssTemplate                         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can read on ReportSchedule                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can write on ReportSchedule                      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can read on Chart                                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can write on Chart                               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can read on Annotation                           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can write on Annotation                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can read on Dataset                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can write on Dataset                             |:heavy_check_mark:|:heavy_check_mark:|O|O|
+| can read on Log                                  |:heavy_check_mark:|O|O|O|
+| can write on Log                                 |:heavy_check_mark:|O|O|O|
+| can read on Dashboard                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can write on Dashboard                           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can read on Database                             |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can write on Database                            |:heavy_check_mark:|O|O|O|
+| can read on Query                                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can this form get on ResetPasswordView           |:heavy_check_mark:|O|O|O|
+| can this form post on ResetPasswordView          |:heavy_check_mark:|O|O|O|
+| can this form get on ResetMyPasswordView         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can this form post on ResetMyPasswordView        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can this form get on UserInfoEditView            |:heavy_check_mark:|O|O|O|
+| can this form post on UserInfoEditView           |:heavy_check_mark:|O|O|O|
+| can show on UserDBModelView                      |:heavy_check_mark:|O|O|O|
+| can edit on UserDBModelView                      |:heavy_check_mark:|O|O|O|
+| can delete on UserDBModelView                    |:heavy_check_mark:|O|O|O|
+| can add on UserDBModelView                       |:heavy_check_mark:|O|O|O|
+| can list on UserDBModelView                      |:heavy_check_mark:|O|O|O|
+| can userinfo on UserDBModelView                  |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| resetmypassword on UserDBModelView               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| resetpasswords on UserDBModelView                |:heavy_check_mark:|O|O|O|
+| userinfoedit on UserDBModelView                  |:heavy_check_mark:|O|O|O|
+| can show on RoleModelView                        |:heavy_check_mark:|O|O|O|
+| can edit on RoleModelView                        |:heavy_check_mark:|O|O|O|
+| can delete on RoleModelView                      |:heavy_check_mark:|O|O|O|
+| can add on RoleModelView                         |:heavy_check_mark:|O|O|O|
+| can list on RoleModelView                        |:heavy_check_mark:|O|O|O|
+| copyrole on RoleModelView                        |:heavy_check_mark:|O|O|O|
+| can get on OpenApi                               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can show on SwaggerView                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can get on MenuApi                               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can list on AsyncEventsRestApi                   |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can invalidate on CacheRestApi                   |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can csv upload on Database                       |:heavy_check_mark:|O|O|O|
+| can excel upload on Database                     |:heavy_check_mark:|O|O|O|
+| can query form data on Api                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can query on Api                                 |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can time range on Api                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can external metadata on Datasource              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can save on Datasource                           |:heavy_check_mark:|:heavy_check_mark:|O|O|
+| can get on Datasource                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can my queries on SqlLab                         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can log on Superset                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can import dashboards on Superset                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can schemas on Superset                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can sqllab history on Superset                   |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can publish on Superset                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can csv on Superset                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can slice on Superset                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can sync druid source on Superset                |:heavy_check_mark:|O|O|O|
+| can explore on Superset                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can approve on Superset                          |:heavy_check_mark:|O|O|O|
+| can explore json on Superset                     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can fetch datasource metadata on Superset        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can csrf token on Superset                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can sqllab on Superset                           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can select star on Superset                      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can warm up cache on Superset                    |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can sqllab table viz on Superset                 |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can available domains on Superset                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can request access on Superset                   |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can dashboard on Superset                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can post on TableSchemaView                      |:heavy_check_mark:|O|O|:heavy_check_mark:|
+| can expanded on TableSchemaView                  |:heavy_check_mark:|O|O|:heavy_check_mark:|
+| can delete on TableSchemaView                    |:heavy_check_mark:|O|O|:heavy_check_mark:|
+| can get on TabStateView                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can post on TabStateView                         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can delete query on TabStateView                 |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can migrate query on TabStateView                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can activate on TabStateView                     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can delete on TabStateView                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can put on TabStateView                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can read on SecurityRestApi                      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| menu access on Security                          |:heavy_check_mark:|O|O|O|
+| menu access on List Users                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on List Roles                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Action Log                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Manage                            |:heavy_check_mark:|:heavy_check_mark:|O|O|
+| menu access on Annotation Layers                 |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on CSS Templates                     |:heavy_check_mark:|:heavy_check_mark:|O|O|
+| menu access on Import Dashboards                 |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Data                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Databases                         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Datasets                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Charts                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Dashboards                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on SQL Lab                           |:heavy_check_mark:|O|O|:heavy_check_mark:|
+| menu access on SQL Editor                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| menu access on Saved Queries                     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| menu access on Query Search                      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| all datasource access on all_datasource_access   |:heavy_check_mark:|:heavy_check_mark:|O|O|
+| all database access on all_database_access       |:heavy_check_mark:|:heavy_check_mark:|O|O|
+| all query access on all_query_access             |:heavy_check_mark:|O|O|O|
+| can write on DynamicPlugin                       |:heavy_check_mark:|O|O|O|
+| can edit on DynamicPlugin                        |:heavy_check_mark:|O|O|O|
+| can list on DynamicPlugin                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can show on DynamicPlugin                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can download on DynamicPlugin                    |:heavy_check_mark:|O|O|O|
+| can add on DynamicPlugin                         |:heavy_check_mark:|O|O|O|
+| can delete on DynamicPlugin                      |:heavy_check_mark:|O|O|O|
+| can external metadata by name on Datasource      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can get value on KV                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can store on KV                                  |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can tagged objects on TagView                    |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can suggestions on TagView                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can get on TagView                               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can post on TagView                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can delete on TagView                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can edit on DashboardEmailScheduleView           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can list on DashboardEmailScheduleView           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can show on DashboardEmailScheduleView           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can add on DashboardEmailScheduleView            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can delete on DashboardEmailScheduleView         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| muldelete on DashboardEmailScheduleView          |:heavy_check_mark:|:heavy_check_mark:|O|O|
+| can edit on SliceEmailScheduleView               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can list on SliceEmailScheduleView               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can show on SliceEmailScheduleView               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can add on SliceEmailScheduleView                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can delete on SliceEmailScheduleView             |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| muldelete on SliceEmailScheduleView              |:heavy_check_mark:|:heavy_check_mark:|O|O|
+| can edit on AlertModelView                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can list on AlertModelView                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can show on AlertModelView                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can add on AlertModelView                        |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can delete on AlertModelView                     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can list on AlertLogModelView                    |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can show on AlertLogModelView                    |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can list on AlertObservationModelView            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can show on AlertObservationModelView            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Row Level Security                |:heavy_check_mark:|O|O|O|
+| menu access on Access requests                   |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Home                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Plugins                           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Dashboard Email Schedules         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Chart Emails                      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Alerts                            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Alerts & Report                   |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| menu access on Scan New Datasources              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can share dashboard on Superset                  |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can share chart on Superset                      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can this form get on ColumnarToDatabaseView      |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can this form post on ColumnarToDatabaseView     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can export on Chart                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can write on DashboardFilterStateRestApi         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can read on DashboardFilterStateRestApi          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can write on DashboardPermalinkRestApi           |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can read on DashboardPermalinkRestApi            |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can delete embedded on Dashboard                 |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can set embedded on Dashboard                    |:heavy_check_mark:|O|O|O|
+| can export on Dashboard                          |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can get embedded on Dashboard                    |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can export on Database                           |:heavy_check_mark:|O|O|O|
+| can export on Dataset                            |:heavy_check_mark:|:heavy_check_mark:|O|O|
+| can write on ExploreFormDataRestApi              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can read on ExploreFormDataRestApi               |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can write on ExplorePermalinkRestApi             |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can read on ExplorePermalinkRestApi              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can export on ImportExportRestApi                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can import on ImportExportRestApi                |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can export on SavedQuery                         |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|
+| can dashboard permalink on Superset              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can grant guest token on SecurityRestApi         |:heavy_check_mark:|O|O|O|
+| can read on AdvancedDataType                     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can read on EmbeddedDashboard                    |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can duplicate on Dataset                         |:heavy_check_mark:|:heavy_check_mark:|O|O|
+| can read on Explore                              |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can samples on Datasource                        |:heavy_check_mark:|:heavy_check_mark:|O|O|
+| can read on AvailableDomains                     |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|
+| can get or create dataset on Dataset             |:heavy_check_mark:|:heavy_check_mark:|O|O|
+| can get column values on Datasource              |:heavy_check_mark:|:heavy_check_mark:|O|O|
+| can export csv on SQLLab                         |:heavy_check_mark:|O|O|:heavy_check_mark:|
+| can get results on SQLLab                        |:heavy_check_mark:|O|O|:heavy_check_mark:|
+| can execute sql query on SQLLab                  |:heavy_check_mark:|O|O|:heavy_check_mark:|
+| can recent activity on Log                       |:heavy_check_mark:|:heavy_check_mark:|:heavy_check_mark:|O|

UPDATING.md

@@ -23,132 +23,8 @@ This file documents any backwards-incompatible changes in Superset and
 assists people when migrating to a new version.
 
 ## Next
-
-### MCP Service
-
-The MCP (Model Context Protocol) service enables AI assistants and automation tools to interact programmatically with Superset.
-
-#### New Features
-- MCP service infrastructure with FastMCP framework
-- Tools for dashboards, charts, datasets, SQL Lab, and instance metadata
-- Optional dependency: install with `pip install apache-superset[fastmcp]`
-- Runs as separate process from Superset web server
-- JWT-based authentication for production deployments
-
-#### New Configuration Options
-
-**Development** (single-user, local testing):
-```python
-# superset_config.py
-MCP_DEV_USERNAME = "admin"  # User for MCP authentication
-MCP_SERVICE_HOST = "localhost"
-MCP_SERVICE_PORT = 5008
-```
-
-**Production** (JWT-based, multi-user):
-```python
-# superset_config.py
-MCP_AUTH_ENABLED = True
-MCP_JWT_ISSUER = "https://your-auth-provider.com"
-MCP_JWT_AUDIENCE = "superset-mcp"
-MCP_JWT_ALGORITHM = "RS256"  # or "HS256" for shared secrets
-
-# Option 1: Use JWKS endpoint (recommended for RS256)
-MCP_JWKS_URI = "https://auth.example.com/.well-known/jwks.json"
-
-# Option 2: Use static public key (RS256)
-MCP_JWT_PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----..."
-
-# Option 3: Use shared secret (HS256)
-MCP_JWT_ALGORITHM = "HS256"
-MCP_JWT_SECRET = "your-shared-secret-key"
-
-# Optional overrides
-MCP_SERVICE_HOST = "0.0.0.0"
-MCP_SERVICE_PORT = 5008
-MCP_SESSION_CONFIG = {
-    "SESSION_COOKIE_SECURE": True,
-    "SESSION_COOKIE_HTTPONLY": True,
-    "SESSION_COOKIE_SAMESITE": "Strict",
-}
-```
-
-#### Running the MCP Service
-
-```bash
-# Development
-superset mcp run --port 5008 --debug
-
-# Production
-superset mcp run --port 5008
-
-# With factory config
-superset mcp run --port 5008 --use-factory-config
-```
-
-#### Deployment Considerations
-
-The MCP service runs as a **separate process** from the Superset web server.
-
-**Important**:
-- Requires same Python environment and configuration as Superset
-- Shares database connections with main Superset app
-- Can be scaled independently from web server
-- Requires `fastmcp` package (optional dependency)
-
-**Installation**:
-```bash
-# Install with MCP support
-pip install apache-superset[fastmcp]
-
-# Or add to requirements.txt
-apache-superset[fastmcp]>=X.Y.Z
-```
-
-**Process Management**:
-Use systemd, supervisord, or Kubernetes to manage the MCP service process.
-See `superset/mcp_service/PRODUCTION.md` for deployment guides.
-
-**Security**:
-- Development: Uses `MCP_DEV_USERNAME` for single-user access
-- Production: **MUST** configure JWT authentication
-- See `superset/mcp_service/SECURITY.md` for details
-
-#### Documentation
-
-- Architecture: `superset/mcp_service/ARCHITECTURE.md`
-- Security: `superset/mcp_service/SECURITY.md`
-- Production: `superset/mcp_service/PRODUCTION.md`
-- Developer Guide: `superset/mcp_service/CLAUDE.md`
-- Quick Start: `superset/mcp_service/README.md`
-
----
-
-- [35621](https://github.com/apache/superset/pull/35621): The default hash algorithm has changed from MD5 to SHA-256 for improved security and FedRAMP compliance. This affects cache keys for thumbnails, dashboard digests, chart digests, and filter option names. Existing cached data will be invalidated upon upgrade. To opt out of this change and maintain backward compatibility, set `HASH_ALGORITHM = "md5"` in your `superset_config.py`.
-- [35062](https://github.com/apache/superset/pull/35062): Changed the function signature of `setupExtensions` to `setupCodeOverrides` with options as arguments.
-
-### Breaking Changes
-- [36317](https://github.com/apache/superset/pull/36317): The `CUSTOM_FONT_URLS` configuration option has been removed. Use the new per-theme `fontUrls` token in `THEME_DEFAULT` or database-managed themes instead.
-  - **Before:**
-  ```python
-  CUSTOM_FONT_URLS = [
-    "https://fonts.example.com/myfont.css",
-  ]
-  ```
-  - **After:**
-  ```python
-  THEME_DEFAULT = {
-    "token": {
-      "fontUrls": [
-        "https://fonts.example.com/myfont.css",
-        ],
-        # ... other tokens  
-    }
-  }
-  ```
-
-## 6.0.0
 - [33055](https://github.com/apache/superset/pull/33055): Upgrades Flask-AppBuilder to 5.0.0. The AUTH_OID authentication type has been deprecated and is no longer available as an option in Flask-AppBuilder. OpenID (OID) is considered a deprecated authentication protocol - if you are using AUTH_OID, you will need to migrate to an alternative authentication method such as OAuth, LDAP, or database authentication before upgrading.
+- [35062](https://github.com/apache/superset/pull/35062): Changed the function signature of `setupExtensions` to `setupCodeOverrides` with options as arguments.
 - [34871](https://github.com/apache/superset/pull/34871): Fixed Jest test hanging issue from Ant Design v5 upgrade. MessageChannel is now mocked in test environment to prevent rc-overflow from causing Jest to hang. Test environment only - no production impact.
 - [34782](https://github.com/apache/superset/pull/34782): Dataset exports now include the dataset ID in their file name (similar to charts and dashboards). If managing assets as code, make sure to rename existing dataset YAMLs to include the ID (and avoid duplicated files).
 - [34536](https://github.com/apache/superset/pull/34536): The `ENVIRONMENT_TAG_CONFIG` color values have changed to support only Ant Design semantic colors. Update your `superset_config.py`:

docker-compose-image-tag.yml

@@ -28,7 +28,6 @@ x-superset-image: &superset-image apachesuperset.docker.scarf.sh/apache/superset
 x-superset-volumes:
   &superset-volumes # /app/pythonpath_docker will be appended to the PYTHONPATH in the final container
   - ./docker:/app/docker
-  - ./superset-core:/app/superset-core
   - superset_home:/app/superset_home
 
 services:

docker-compose-light.yml

@@ -111,22 +111,13 @@ services:
     depends_on:
       superset-init-light:
         condition: service_completed_successfully
-      superset-node-light:
-        condition: service_healthy
     volumes: *superset-volumes
-    healthcheck:
-      test: ["CMD-SHELL", "/app/docker/docker-healthcheck.sh"]
-      interval: 30s
-      timeout: 30s
-      retries: 3
-      start_period: 60s
     environment:
       DATABASE_HOST: db-light
       DATABASE_DB: superset_light
       POSTGRES_DB: superset_light
       SUPERSET__SQLALCHEMY_EXAMPLES_URI: "duckdb:////app/data/examples.duckdb"
       SUPERSET_CONFIG_PATH: /app/docker/pythonpath_dev/superset_config_docker_light.py
-      FLASK_RUN_HOST: 0.0.0.0
       GITHUB_HEAD_REF: ${GITHUB_HEAD_REF:-}
       GITHUB_SHA: ${GITHUB_SHA:-}
 
@@ -163,12 +154,6 @@ services:
         # it'll mount and watch local files and rebuild as you update them
         DEV_MODE: "true"
         BUILD_TRANSLATIONS: ${BUILD_TRANSLATIONS:-false}
-    healthcheck:
-      test: ["CMD-SHELL", "/app/docker/docker-healthcheck-node.sh"]
-      interval: 10s
-      timeout: 5s
-      retries: 3
-      start_period: 90s
     environment:
       # set this to false if you have perf issues running the npm i; npm run dev in-docker
       # if you do so, you have to run this manually on the host, which should perform better!

docker-compose.yml

@@ -29,11 +29,9 @@ x-superset-volumes: &superset-volumes
   # /app/pythonpath_docker will be appended to the PYTHONPATH in the final container
   - ./docker:/app/docker
   - ./superset:/app/superset
-  - ./superset-core:/app/superset-core
   - ./superset-frontend:/app/superset-frontend
   - superset_home:/app/superset_home
   - ./tests:/app/tests
-  - superset_data:/app/data
 x-common-build: &common-build
   context: .
   target: ${SUPERSET_BUILD_TARGET:-dev} # can use `dev` (default) or `lean`
@@ -54,9 +52,10 @@ services:
       - path: docker/.env-local # optional override
         required: false
     image: nginx:latest
+    container_name: superset_nginx
     restart: unless-stopped
     ports:
-      - "${NGINX_PORT:-80}:80"
+      - "80:80"
     extra_hosts:
       - "host.docker.internal:host-gateway"
     volumes:
@@ -65,9 +64,10 @@ services:
 
   redis:
     image: redis:7
+    container_name: superset_cache
     restart: unless-stopped
     ports:
-      - "127.0.0.1:${REDIS_PORT:-6379}:6379"
+      - "127.0.0.1:6379:6379"
     volumes:
       - redis:/data
 
@@ -78,9 +78,10 @@ services:
       - path: docker/.env-local # optional override
         required: false
     image: postgres:16
+    container_name: superset_db
     restart: unless-stopped
     ports:
-      - "127.0.0.1:${DATABASE_PORT:-5432}:5432"
+      - "127.0.0.1:5432:5432"
     volumes:
       - db_home:/var/lib/postgresql/data
       - ./docker/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
@@ -93,12 +94,13 @@ services:
         required: false
     build:
       <<: *common-build
+    container_name: superset_app
     command: ["/app/docker/docker-bootstrap.sh", "app"]
     restart: unless-stopped
     ports:
-      - ${SUPERSET_PORT:-8088}:8088
+      - 8088:8088
       # When in cypress-mode ->
-      - ${CYPRESS_PORT:-8081}:8081
+      - 8081:8081
     extra_hosts:
       - "host.docker.internal:host-gateway"
     user: *superset-user
@@ -110,9 +112,10 @@ services:
       SUPERSET__SQLALCHEMY_EXAMPLES_URI: "duckdb:////app/data/examples.duckdb"
 
   superset-websocket:
+    container_name: superset_websocket
     build: ./superset-websocket
     ports:
-      - ${WEBSOCKET_PORT:-8080}:8080
+      - 8080:8080
     extra_hosts:
       - "host.docker.internal:host-gateway"
     depends_on:
@@ -132,9 +135,9 @@ services:
       - /home/superset-websocket/node_modules
       - /home/superset-websocket/dist
 
-      # Mount config file. Create your own docker/superset-websocket/config.json
-      # for custom settings, then point to it here. Do not use this example in production.
-      - ./docker/superset-websocket/config.example.json:/home/superset-websocket/config.json:ro
+      # Mounting a config file that contains a dummy secret required to boot up.
+      # do not use this docker compose in production
+      - ./docker/superset-websocket/config.json:/home/superset-websocket/config.json
     environment:
       - PORT=8080
       - REDIS_HOST=redis
@@ -144,6 +147,7 @@ services:
   superset-init:
     build:
       <<: *common-build
+    container_name: superset_init
     command: ["/app/docker/docker-init.sh"]
     env_file:
       - path: docker/.env # default
@@ -180,10 +184,9 @@ services:
       SCARF_ANALYTICS: "${SCARF_ANALYTICS:-}"
       # configuring the dev-server to use the host.docker.internal to connect to the backend
       superset: "http://superset:8088"
-      # Bind to all interfaces so Docker port mapping works
-      WEBPACK_DEVSERVER_HOST: "0.0.0.0"
     ports:
-      - "127.0.0.1:${NODE_PORT:-9000}:9000"  # exposing the dynamic webpack dev server
+      - "127.0.0.1:9000:9000"  # exposing the dynamic webpack dev server
+    container_name: superset_node
     command: ["/app/docker/docker-frontend.sh"]
     env_file:
       - path: docker/.env # default
@@ -195,6 +198,7 @@ services:
   superset-worker:
     build:
       <<: *common-build
+    container_name: superset_worker
     command: ["/app/docker/docker-bootstrap.sh", "worker"]
     env_file:
       - path: docker/.env # default
@@ -220,6 +224,7 @@ services:
   superset-worker-beat:
     build:
       <<: *common-build
+    container_name: superset_worker_beat
     command: ["/app/docker/docker-bootstrap.sh", "beat"]
     env_file:
       - path: docker/.env # default
@@ -237,6 +242,7 @@ services:
   superset-tests-worker:
     build:
       <<: *common-build
+    container_name: superset_tests_worker
     command: ["/app/docker/docker-bootstrap.sh", "worker"]
     env_file:
       - path: docker/.env # default
@@ -268,5 +274,3 @@ volumes:
     external: false
   redis:
     external: false
-  superset_data:
-    external: false

docker/.env

@@ -21,15 +21,6 @@ PYTHONUNBUFFERED=1
 COMPOSE_PROJECT_NAME=superset
 DEV_MODE=true
 
-# Port configuration (override in .env-local for multiple instances)
-# NGINX_PORT=80
-# SUPERSET_PORT=8088
-# NODE_PORT=9000
-# WEBSOCKET_PORT=8080
-# CYPRESS_PORT=8081
-# DATABASE_PORT=5432
-# REDIS_PORT=6379
-
 # database configurations (do not modify)
 DATABASE_DB=superset
 DATABASE_HOST=db

docker/.env-local.example

@@ -1,39 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements.  See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License.  You may obtain a copy of the License at
-#
-#    http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-# -----------------------------------------------------------------------
-# Example .env-local file for running multiple Superset instances
-# Copy this file to .env-local and customize for your setup
-# -----------------------------------------------------------------------
-
-# Unique project name prevents container/volume conflicts between clones
-# Each clone should have a different name (e.g., superset-pr123, superset-feature-x)
-COMPOSE_PROJECT_NAME=superset-dev2
-
-# Port offsets for running multiple instances simultaneously
-# Instance 1 (default): 80, 8088, 9000, 8080, 8081, 5432, 6379
-# Instance 2 example:   81, 8089, 9001, 8082, 8083, 5433, 6380
-NGINX_PORT=81
-SUPERSET_PORT=8089
-NODE_PORT=9001
-WEBSOCKET_PORT=8082
-CYPRESS_PORT=8083
-DATABASE_PORT=5433
-REDIS_PORT=6380
-
-# For verbose logging during development:
-# SUPERSET_LOG_LEVEL=debug

docker/README.md

@@ -34,24 +34,8 @@ intended for use with local development.
 
 ### Local overrides
 
-#### Environment Variables
-
-To override environment variables locally, create a `./docker/.env-local` file (git-ignored). This file will be loaded after `.env` and can override any settings.
-
-#### Python Configuration
-
 In order to override configuration settings locally, simply make a copy of [`./docker/pythonpath_dev/superset_config_local.example`](./pythonpath_dev/superset_config_local.example)
-into `./docker/pythonpath_dev/superset_config_docker.py` (git-ignored) and fill in your overrides.
-
-#### WebSocket Configuration
-
-To customize the WebSocket server configuration, create `./docker/superset-websocket/config.json` (git-ignored) based on [`./docker/superset-websocket/config.example.json`](./superset-websocket/config.example.json).
-
-Then update the `superset-websocket`.`volumes` config to mount it.
-
-#### Docker Compose Overrides
-
-For advanced Docker Compose customization, create a `docker-compose-override.yml` file (git-ignored) to override or extend services without modifying the main compose file.
+into `./docker/pythonpath_dev/superset_config_docker.py` (git ignored) and fill in your overrides.
 
 ### Local packages
 
@@ -77,34 +61,6 @@ To run the container, simply run: `docker compose up`
 After waiting several minutes for Superset initialization to finish, you can open a browser and view [`http://localhost:8088`](http://localhost:8088)
 to start your journey.
 
-### Running Multiple Instances
-
-If you need to run multiple Superset instances simultaneously (e.g., different branches or clones), use the make targets which automatically find available ports:
-
-```bash
-make up
-```
-
-This automatically:
-- Generates a unique project name from your directory
-- Finds available ports (incrementing from defaults if in use)
-- Displays the assigned URLs before starting
-
-Available commands (run from repo root):
-
-| Command | Description |
-|---------|-------------|
-| `make up` | Start services (foreground) |
-| `make up-detached` | Start services (background) |
-| `make down` | Stop all services |
-| `make ps` | Show running containers |
-| `make logs` | Follow container logs |
-| `make nuke` | Stop, remove volumes & local images |
-
-From a subdirectory, use: `make -C $(git rev-parse --show-toplevel) up`
-
-**Important**: Always use these commands instead of plain `docker compose down`, which won't know the correct project name.
-
 ## Developing
 
 While running, the container server will reload on modification of the Superset Python and JavaScript source code.

docker/docker-bootstrap.sh

@@ -21,15 +21,8 @@ set -eo pipefail
 # Make python interactive
 if [ "$DEV_MODE" == "true" ]; then
     if [ "$(whoami)" = "root" ] && command -v uv > /dev/null 2>&1; then
-      # Always ensure superset-core is available
-      echo "Installing superset-core in editable mode"
-      uv pip install --no-deps -e /app/superset-core
-
-      # Only reinstall the main app for non-worker processes
-      if [ "$1" != "worker" ] && [ "$1" != "beat" ]; then
-        echo "Reinstalling the app in editable mode"
-        uv pip install -e .
-      fi
+      echo "Reinstalling the app in editable mode"
+      uv pip install -e .
     fi
 fi
 REQUIREMENTS_LOCAL="/app/docker/requirements-local.txt"
@@ -41,8 +34,7 @@ if [ "$CYPRESS_CONFIG" == "true" ]; then
     export SUPERSET__SQLALCHEMY_DATABASE_URI=postgresql+psycopg2://superset:superset@db:5432/superset_cypress
     PORT=8081
 fi
-# Skip postgres requirements installation for workers to avoid conflicts
-if [[ "$DATABASE_DIALECT" == postgres* ]] && [ "$(whoami)" = "root" ] && [ "$1" != "worker" ] && [ "$1" != "beat" ]; then
+if [[ "$DATABASE_DIALECT" == postgres* ]] && [ "$(whoami)" = "root" ]; then
     # older images may not have the postgres dev requirements installed
     echo "Installing postgres requirements"
     if command -v uv > /dev/null 2>&1; then
@@ -80,16 +72,12 @@ case "${1}" in
     ;;
   app)
     echo "Starting web app (using development server)..."
-    flask run -p $PORT --reload --debugger --without-threads --host=0.0.0.0 --exclude-patterns "*/node_modules/*:*/.venv/*:*/build/*:*/__pycache__/*"
+    flask run -p $PORT --reload --debugger --without-threads --host=0.0.0.0
     ;;
   app-gunicorn)
     echo "Starting web app..."
     /usr/bin/run-server.sh
     ;;
-  mcp)
-    echo "Starting MCP service..."
-    superset mcp run --host 0.0.0.0 --port ${MCP_PORT:-5008} --debug
-    ;;
   *)
     echo "Unknown Operation!!!"
     ;;

docker/docker-healthcheck-node.sh

@@ -1,35 +0,0 @@
-#!/usr/bin/env bash
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements.  See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License.  You may obtain a copy of the License at
-#
-#    http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-# Health check for webpack dev server using Node.js HTTP module
-node -e "
-const http = require('http');
-const req = http.request({
-  hostname: 'localhost',
-  port: ${WEBPACK_DEVSERVER_PORT:-9000},
-  path: '/',
-  method: 'HEAD',
-  timeout: 3000
-}, (res) => {
-  res.resume();
-  process.exit(0);
-});
-req.on('error', () => process.exit(1));
-req.on('timeout', () => { req.destroy(); process.exit(1); });
-req.end();
-" || exit 1

docker/pythonpath_dev/superset_config_docker_light.py

@@ -19,7 +19,6 @@
 
 # Import all settings from the main config first
 from flask_caching.backends.filesystemcache import FileSystemCache
-
 from superset_config import *  # noqa: F403
 
 # Override caching to use simple in-memory cache instead of Redis

docker/superset-websocket/config.example.json

@@ -1,22 +0,0 @@
-{
-  "port": 8080,
-  "logLevel": "info",
-  "logToFile": false,
-  "logFilename": "app.log",
-  "statsd": {
-    "host": "127.0.0.1",
-    "port": 8125,
-    "globalTags": []
-  },
-  "redis": {
-    "port": 6379,
-    "host": "127.0.0.1",
-    "password": "",
-    "db": 0,
-    "ssl": false
-  },
-  "redisStreamPrefix": "async-events-",
-  "jwtAlgorithms": ["HS256"],
-  "jwtSecret": "CHANGE-ME-IN-PRODUCTION-GOTTA-BE-LONG-AND-SECRET",
-  "jwtCookieName": "async-token"
-}

docs/.gitignore

@@ -23,6 +23,3 @@ docs/.zshrc
 
 # Gets copied from the root of the project at build time (yarn start / yarn build)
 docs/intro.md
-
-# Generated badge images (downloaded at build time by remark-localize-badges plugin)
-static/badges/

docs/DOCS_CLAUDE.md

@@ -1,642 +0,0 @@
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements.  See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership.  The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied.  See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-
-# LLM Context Guide for Apache Superset Documentation
-
-This guide helps LLMs work with the Apache Superset documentation site built with Docusaurus 3.
-
-## 📍 Current Directory Context
-
-You are currently in the `/docs` subdirectory of the Apache Superset repository. When referencing files from the main codebase, use `../` to access the parent directory.
-
-```
-/Users/evan_1/GitHub/superset/     # Main repository root
-├── superset/                      # Python backend code
-├── superset-frontend/             # React/TypeScript frontend
-└── docs/                         # Documentation site (YOU ARE HERE)
-    ├── docs/                     # Main documentation content
-    ├── developer_portal/         # Developer guides (currently disabled)
-    ├── components/               # Component playground (currently disabled)
-    └── docusaurus.config.ts      # Site configuration
-```
-
-## 🚀 Quick Commands
-
-```bash
-# Development
-yarn start                 # Start dev server on http://localhost:3000
-yarn stop                 # Stop running dev server
-yarn build                # Build production site
-yarn serve                # Serve built site locally
-
-# Version Management (USE THESE, NOT docusaurus commands)
-yarn version:add:docs <version>              # Add new docs version
-yarn version:add:developer_portal <version>  # Add developer portal version  
-yarn version:add:components <version>        # Add components version
-yarn version:remove:docs <version>           # Remove docs version
-yarn version:remove:developer_portal <version> # Remove developer portal version
-yarn version:remove:components <version>      # Remove components version
-
-# Quality Checks
-yarn typecheck            # TypeScript validation
-yarn eslint              # Lint TypeScript/JavaScript files
-```
-
-## 📁 Documentation Structure
-
-### Main Documentation (`/docs`)
-The primary documentation lives in `/docs` with this structure:
-
-```
-docs/
-├── intro.md                # Auto-generated from ../README.md
-├── quickstart.mdx          # Getting started guide
-├── api.mdx                 # API reference with Swagger UI
-├── faq.mdx                 # Frequently asked questions
-├── installation/           # Installation guides
-│   ├── installation-methods.mdx
-│   ├── docker-compose.mdx
-│   ├── docker-builds.mdx
-│   ├── kubernetes.mdx
-│   ├── pypi.mdx
-│   └── architecture.mdx
-├── configuration/          # Configuration guides
-│   ├── configuring-superset.mdx
-│   ├── alerts-reports.mdx
-│   ├── caching.mdx
-│   ├── databases.mdx
-│   └── [more config docs]
-├── using-superset/         # User guides
-│   ├── creating-your-first-dashboard.md
-│   ├── exploring-data.mdx
-│   └── [more user docs]
-├── contributing/           # Contributor guides
-│   ├── development.mdx
-│   ├── testing-locally.mdx
-│   └── [more contributor docs]
-└── security/              # Security documentation
-    ├── security.mdx
-    └── [security guides]
-```
-
-### Developer Portal (`/developer_portal`) - Currently Disabled
-When enabled, contains developer-focused content:
-- API documentation
-- Architecture guides
-- CLI tools
-- Code examples
-
-### Component Playground (`/components`) - Currently Disabled
-When enabled, provides interactive component examples for UI development.
-
-## 📝 Documentation Standards
-
-### File Types
-- **`.md` files**: Basic Markdown documents
-- **`.mdx` files**: Markdown with JSX - can include React components
-- **`.tsx` files in `/src`**: Custom React components and pages
-
-### Frontmatter Structure
-Every documentation page should have frontmatter:
-
-```yaml
----
-title: Page Title
-description: Brief description for SEO
-sidebar_position: 1  # Optional: controls order in sidebar
----
-```
-
-### MDX Component Usage
-MDX files can import and use React components:
-
-```mdx
-import Tabs from '@theme/Tabs';
-import TabItem from '@theme/TabItem';
-
-<Tabs>
-  <TabItem value="npm" label="npm" default>
-    ```bash
-    npm install superset
-    ```
-  </TabItem>
-  <TabItem value="yarn" label="yarn">
-    ```bash
-    yarn add superset
-    ```
-  </TabItem>
-</Tabs>
-```
-
-### Code Blocks
-Use triple backticks with language identifiers:
-
-````markdown
-```python
-def hello_world():
-    print("Hello, Superset!")
-```
-
-```sql title="Example Query"
-SELECT * FROM users WHERE active = true;
-```
-
-```bash
-# Installation command
-pip install apache-superset
-```
-````
-
-### Admonitions
-Docusaurus supports various admonition types:
-
-```markdown
-:::note
-This is a note
-:::
-
-:::tip
-This is a tip
-:::
-
-:::warning
-This is a warning
-:::
-
-:::danger
-This is a danger warning
-:::
-
-:::info
-This is an info box
-:::
-```
-
-## 🔄 Version Management
-
-### Version Configuration
-Versions are managed through `versions-config.json`:
-
-```json
-{
-  "docs": {
-    "disabled": false,
-    "lastVersion": "6.0.0",        // Default version shown
-    "includeCurrentVersion": true,  // Show "Next" version
-    "onlyIncludeVersions": ["current", "6.0.0"],
-    "versions": {
-      "current": {
-        "label": "Next",
-        "path": "",
-        "banner": "unreleased"     // Shows warning banner
-      },
-      "6.0.0": {
-        "label": "6.0.0",
-        "path": "6.0.0",
-        "banner": "none"
-      }
-    }
-  }
-}
-```
-
-### Creating New Versions
-**IMPORTANT**: Always use the custom scripts, NOT native Docusaurus commands:
-
-```bash
-# ✅ CORRECT - Updates both Docusaurus and versions-config.json
-yarn version:add:docs 6.1.0
-
-# ❌ WRONG - Only updates Docusaurus, breaks version dropdown
-yarn docusaurus docs:version 6.1.0
-```
-
-### Version Files Created
-When versioning, these files are created:
-- `versioned_docs/version-X.X.X/` - Snapshot of current docs
-- `versioned_sidebars/version-X.X.X-sidebars.json` - Sidebar config
-- `versions.json` - List of all versions
-
-## 🎨 Styling and Theming
-
-### Custom CSS
-Add custom styles in `/src/css/custom.css`:
-
-```css
-:root {
-  --ifm-color-primary: #20a7c9;
-  --ifm-code-font-size: 95%;
-}
-```
-
-### Custom Components
-Create React components in `/src/components/`:
-
-```tsx
-// src/components/FeatureCard.tsx
-import React from 'react';
-
-export default function FeatureCard({title, description}) {
-  return (
-    <div className="card">
-      <h3>{title}</h3>
-      <p>{description}</p>
-    </div>
-  );
-}
-```
-
-Use in MDX:
-
-```mdx
-import FeatureCard from '@site/src/components/FeatureCard';
-
-<FeatureCard
-  title="Fast"
-  description="Lightning fast queries"
-/>
-```
-
-## 📦 Key Dependencies
-
-- **Docusaurus 3.8.1**: Static site generator
-- **React 18.3**: UI framework
-- **Ant Design 5.26**: Component library
-- **@superset-ui/core**: Superset UI components
-- **Swagger UI React**: API documentation
-- **Prism**: Syntax highlighting
-
-## 🔗 Linking Strategies
-
-### Internal Links
-Use relative paths for internal documentation:
-
-```markdown
-[Installation Guide](./installation/docker-compose)
-[Configuration](../configuration/configuring-superset)
-```
-
-### External Links
-Always use full URLs:
-
-```markdown
-[Apache Superset GitHub](https://github.com/apache/superset)
-```
-
-### Linking to Code
-Reference code in the main repository:
-
-```markdown
-See the [main configuration file](https://github.com/apache/superset/blob/master/superset/config.py)
-```
-
-## 🛠️ Common Documentation Tasks
-
-### Adding a New Guide
-1. Create the `.mdx` file in the appropriate directory
-2. Add frontmatter with title and description
-3. Update sidebar if needed (for manual sidebar configs)
-
-### Adding API Documentation
-The API docs use Swagger UI embedded in `/docs/api.mdx`:
-
-```mdx
-import SwaggerUI from "swagger-ui-react";
-import "swagger-ui-react/swagger-ui.css";
-
-<SwaggerUI url="/api/v1/openapi.json" />
-```
-
-### Adding Interactive Examples
-Use MDX to create interactive documentation:
-
-```mdx
-import CodeBlock from '@theme/CodeBlock';
-import MyComponentExample from '!!raw-loader!../examples/MyComponent.tsx';
-
-<CodeBlock language="tsx">{MyComponentExample}</CodeBlock>
-```
-
-## 📋 Documentation Checklist
-
-When creating or updating documentation:
-
-- [ ] Clear, descriptive title in frontmatter
-- [ ] Description for SEO in frontmatter
-- [ ] Proper heading hierarchy (h1 -> h2 -> h3)
-- [ ] Code examples with language identifiers
-- [ ] Links verified (internal and external)
-- [ ] Images have alt text
-- [ ] Admonitions used for important notes
-- [ ] Tested locally with `yarn start`
-- [ ] No broken links (check with `yarn build`)
-
-## 🔍 Searching and Navigation
-
-### Sidebar Configuration
-Sidebars are configured in `/sidebars.js`:
-
-```javascript
-module.exports = {
-  CustomSidebar: [
-    {
-      type: 'doc',
-      label: 'Introduction',
-      id: 'intro',
-    },
-    {
-      type: 'category',
-      label: 'Installation',
-      items: [
-        {
-          type: 'autogenerated',
-          dirName: 'installation',
-        },
-      ],
-    },
-  ],
-};
-```
-
-### Search
-Docusaurus includes Algolia DocSearch integration configured in `docusaurus.config.ts`.
-
-## 🚫 Common Pitfalls to Avoid
-
-1. **Never use `yarn docusaurus docs:version`** - Use `yarn version:add:docs` instead
-2. **Don't edit versioned docs directly** - Edit current docs and create new version
-3. **Avoid absolute paths in links** - Use relative paths for maintainability
-4. **Don't forget frontmatter** - Every doc needs title and description
-5. **Test builds locally** - Run `yarn build` before committing
-
-## 🔧 Troubleshooting
-
-### Dev Server Issues
-```bash
-yarn stop     # Kill any running servers
-yarn clear    # Clear cache
-yarn start    # Restart
-```
-
-### Build Failures
-```bash
-# Check for broken links
-yarn build
-
-# TypeScript issues
-yarn typecheck
-
-# Linting issues
-yarn eslint
-```
-
-### Version Issues
-If versions don't appear in dropdown:
-1. Check `versions-config.json` includes the version
-2. Verify version files exist in `versioned_docs/`
-3. Restart dev server
-
-## 📚 Resources
-
-- [Docusaurus Documentation](https://docusaurus.io/docs)
-- [MDX Documentation](https://mdxjs.com/)
-- [Superset Contributing Guide](../CONTRIBUTING.md)
-- [Main Superset Documentation](https://superset.apache.org/docs/intro)
-
-## 📖 Real Examples and Patterns
-
-### Example: Configuration Documentation Pattern
-From `docs/configuration/configuring-superset.mdx`:
-
-```mdx
----
-title: Configuring Superset
-hide_title: true
-sidebar_position: 1
-version: 1
----
-
-# Configuring Superset
-
-## superset_config.py
-
-Superset exposes hundreds of configurable parameters through its
-[config.py module](https://github.com/apache/superset/blob/master/superset/config.py).
-
-```bash
-export SUPERSET_CONFIG_PATH=/app/superset_config.py
-```
-```
-
-**Key patterns:**
-- Links to source code for reference
-- Code blocks with bash/python examples
-- Environment variable documentation
-- Step-by-step configuration instructions
-
-### Example: Tutorial Documentation Pattern
-From `docs/using-superset/creating-your-first-dashboard.mdx`:
-
-```mdx
-import useBaseUrl from "@docusaurus/useBaseUrl";
-
-## Creating Your First Dashboard
-
-:::tip
-In addition to this site, [Preset.io](http://preset.io/) maintains an updated set of end-user
-documentation at [docs.preset.io](https://docs.preset.io/).
-:::
-
-### Connecting to a new database
-
-<img src={useBaseUrl("/img/tutorial/tutorial_01_add_database_connection.png")} width="600" />
-```
-
-**Key patterns:**
-- Import Docusaurus hooks for dynamic URLs
-- Use of admonitions (:::tip) for helpful information
-- Screenshots with useBaseUrl for proper path resolution
-- Clear section hierarchy with ### subheadings
-- Step-by-step visual guides
-
-### Example: API Documentation Pattern
-From `docs/api.mdx`:
-
-```mdx
-import SwaggerUI from "swagger-ui-react";
-import "swagger-ui-react/swagger-ui.css";
-
-## API Documentation
-
-<SwaggerUI url="/api/v1/openapi.json" />
-```
-
-**Key patterns:**
-- Embedding interactive Swagger UI
-- Importing necessary CSS
-- Direct API spec integration
-
-### Common Image Patterns
-
-```mdx
-// For images in static folder
-import useBaseUrl from "@docusaurus/useBaseUrl";
-
-<img src={useBaseUrl("/img/feature-screenshot.png")} width="600" />
-
-// With caption
-<figure>
-  <img src={useBaseUrl("/img/dashboard.png")} alt="Dashboard view" />
-  <figcaption>Superset Dashboard Interface</figcaption>
-</figure>
-```
-
-### Multi-Tab Code Examples
-
-```mdx
-import Tabs from '@theme/Tabs';
-import TabItem from '@theme/TabItem';
-
-<Tabs
-  defaultValue="docker"
-  values={[
-    {label: 'Docker', value: 'docker'},
-    {label: 'Kubernetes', value: 'k8s'},
-    {label: 'PyPI', value: 'pypi'},
-  ]}>
-  <TabItem value="docker">
-    ```bash
-    docker-compose up
-    ```
-  </TabItem>
-  <TabItem value="k8s">
-    ```bash
-    kubectl apply -f superset.yaml
-    ```
-  </TabItem>
-  <TabItem value="pypi">
-    ```bash
-    pip install apache-superset
-    ```
-  </TabItem>
-</Tabs>
-```
-
-### Configuration File Examples
-
-```mdx
-```python title="superset_config.py"
-# Database connection example
-SQLALCHEMY_DATABASE_URI = 'postgresql://user:password@localhost/superset'
-
-# Security configuration
-SECRET_KEY = 'YOUR_SECRET_KEY_HERE'
-WTF_CSRF_ENABLED = True
-
-# Feature flags
-FEATURE_FLAGS = {
-    'ENABLE_TEMPLATE_PROCESSING': True,
-    'DASHBOARD_NATIVE_FILTERS': True,
-}
-```
-```
-
-### Cross-Referencing Pattern
-
-```mdx
-For detailed configuration options, see:
-- [Configuring Superset](./configuration/configuring-superset)
-- [Database Connections](./configuration/databases)
-- [Security Settings](./security/security)
-
-External resources:
-- [SQLAlchemy Documentation](https://docs.sqlalchemy.org/)
-- [Flask Configuration](https://flask.palletsprojects.com/config/)
-```
-
-### Writing Installation Guides
-
-```mdx
-## Prerequisites
-
-:::warning
-Ensure you have Python 3.9+ and Node.js 16+ installed before proceeding.
-:::
-
-## Installation Steps
-
-1. **Clone the repository**
-   ```bash
-   git clone https://github.com/apache/superset.git
-   cd superset
-   ```
-
-2. **Install Python dependencies**
-   ```bash
-   pip install -e .
-   ```
-
-3. **Initialize the database**
-   ```bash
-   superset db upgrade
-   superset init
-   ```
-
-:::tip Success Check
-Navigate to http://localhost:8088 and login with admin/admin
-:::
-```
-
-### Documenting API Endpoints
-
-```mdx
-## Chart API
-
-### GET /api/v1/chart/
-
-Returns a list of charts.
-
-**Parameters:**
-- `page` (optional): Page number
-- `page_size` (optional): Number of items per page
-
-**Example Request:**
-```bash
-curl -X GET "http://localhost:8088/api/v1/chart/" \
-  -H "Authorization: Bearer YOUR_ACCESS_TOKEN"
-```
-
-**Example Response:**
-```json
-{
-  "count": 42,
-  "result": [
-    {
-      "id": 1,
-      "slice_name": "Sales Dashboard",
-      "viz_type": "line"
-    }
-  ]
-}
-```
-```
-
----
-
-**Note**: This documentation site serves as the primary resource for Superset users, administrators, and contributors. Always prioritize clarity, accuracy, and completeness when creating or updating documentation.

docs/developer_portal/api/frontend.md

@@ -0,0 +1,477 @@
+---
+title: Frontend API Reference
+sidebar_position: 1
+hide_title: true
+---
+
+<!--
+    Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+-->
+
+# Frontend API Reference
+
+The `@apache-superset/core` package provides comprehensive APIs for frontend extension development. All APIs are organized into logical namespaces for easy discovery and use.
+
+## Core API
+
+The core namespace provides fundamental extension functionality.
+
+### registerView
+
+Registers a new view or panel in the specified contribution point.
+
+```typescript
+core.registerView(
+  id: string,
+  component: React.ComponentType
+): Disposable
+```
+
+**Example:**
+```typescript
+const panel = context.core.registerView('my-extension.panel', () => (
+  <MyPanelComponent />
+));
+```
+
+### getActiveView
+
+Gets the currently active view in a contribution area.
+
+```typescript
+core.getActiveView(area: string): View | undefined
+```
+
+## Commands API
+
+Manages command registration and execution.
+
+### registerCommand
+
+Registers a new command that can be triggered by menus, shortcuts, or programmatically.
+
+```typescript
+commands.registerCommand(
+  id: string,
+  handler: CommandHandler
+): Disposable
+
+interface CommandHandler {
+  title: string;
+  icon?: string;
+  execute: (...args: any[]) => any;
+  isEnabled?: (...args: any[]) => boolean;
+}
+```
+
+**Example:**
+```typescript
+const cmd = context.commands.registerCommand('my-extension.analyze', {
+  title: 'Analyze Query',
+  icon: 'BarChartOutlined',
+  execute: () => {
+    const query = context.sqlLab.getCurrentQuery();
+    // Perform analysis
+  },
+  isEnabled: () => {
+    return context.sqlLab.hasActiveEditor();
+  }
+});
+```
+
+### executeCommand
+
+Executes a registered command by ID.
+
+```typescript
+commands.executeCommand(id: string, ...args: any[]): Promise<any>
+```
+
+## SQL Lab API
+
+Provides access to SQL Lab functionality and events.
+
+### Query Access
+
+```typescript
+// Get current tab
+sqlLab.getCurrentTab(): Tab | undefined
+
+// Get all tabs
+sqlLab.getTabs(): Tab[]
+
+// Get current query
+sqlLab.getCurrentQuery(): string
+
+// Get selected text
+sqlLab.getSelectedText(): string | undefined
+```
+
+### Database Access
+
+```typescript
+// Get available databases
+sqlLab.getDatabases(): Database[]
+
+// Get database by ID
+sqlLab.getDatabase(id: number): Database | undefined
+
+// Get schemas for database
+sqlLab.getSchemas(databaseId: number): Promise<string[]>
+
+// Get tables for schema
+sqlLab.getTables(
+  databaseId: number,
+  schema: string
+): Promise<Table[]>
+```
+
+### Events
+
+```typescript
+// Query execution events
+sqlLab.onDidQueryRun: Event<QueryResult>
+sqlLab.onDidQueryStop: Event<QueryResult>
+sqlLab.onDidQueryFail: Event<QueryError>
+
+// Editor events
+sqlLab.onDidChangeEditorContent: Event<string>
+sqlLab.onDidChangeSelection: Event<Selection>
+
+// Tab events
+sqlLab.onDidChangeActiveTab: Event<Tab>
+sqlLab.onDidCloseTab: Event<Tab>
+sqlLab.onDidChangeTabTitle: Event<{tab: Tab, title: string}>
+
+// Panel events
+sqlLab.onDidOpenPanel: Event<Panel>
+sqlLab.onDidClosePanel: Event<Panel>
+sqlLab.onDidChangeActivePanel: Event<Panel>
+```
+
+**Event Usage Example:**
+```typescript
+const disposable = context.sqlLab.onDidQueryRun((result) => {
+  console.log('Query executed:', result.query);
+  console.log('Rows returned:', result.rowCount);
+  console.log('Execution time:', result.executionTime);
+});
+
+// Remember to dispose when done
+context.subscriptions.push(disposable);
+```
+
+## Authentication API
+
+Handles authentication and security tokens.
+
+### getCSRFToken
+
+Gets the current CSRF token for API requests.
+
+```typescript
+authentication.getCSRFToken(): Promise<string>
+```
+
+### getCurrentUser
+
+Gets information about the current user.
+
+```typescript
+authentication.getCurrentUser(): User
+
+interface User {
+  id: number;
+  username: string;
+  email: string;
+  roles: Role[];
+  permissions: Permission[];
+}
+```
+
+### hasPermission
+
+Checks if the current user has a specific permission.
+
+```typescript
+authentication.hasPermission(permission: string): boolean
+```
+
+## Extensions API
+
+Manages extension lifecycle and inter-extension communication.
+
+### getExtension
+
+Gets information about an installed extension.
+
+```typescript
+extensions.getExtension(id: string): Extension | undefined
+
+interface Extension {
+  id: string;
+  name: string;
+  version: string;
+  isActive: boolean;
+  metadata: ExtensionMetadata;
+}
+```
+
+### getActiveExtensions
+
+Gets all currently active extensions.
+
+```typescript
+extensions.getActiveExtensions(): Extension[]
+```
+
+### Events
+
+```typescript
+// Extension lifecycle events
+extensions.onDidActivateExtension: Event<Extension>
+extensions.onDidDeactivateExtension: Event<Extension>
+```
+
+## UI Components
+
+Import pre-built UI components from `@apache-superset/core`:
+
+```typescript
+import {
+  Button,
+  Select,
+  Input,
+  Table,
+  Modal,
+  Alert,
+  Tabs,
+  Card,
+  Dropdown,
+  Menu,
+  Tooltip,
+  Icon,
+  // ... many more
+} from '@apache-superset/core';
+```
+
+### Example Component Usage
+
+```typescript
+import { Button, Alert } from '@apache-superset/core';
+
+function MyExtensionPanel() {
+  return (
+    <div>
+      <Alert
+        message="Extension Loaded"
+        description="Your extension is ready to use"
+        type="success"
+      />
+      <Button
+        type="primary"
+        onClick={() => console.log('Clicked!')}
+      >
+        Execute Action
+      </Button>
+    </div>
+  );
+}
+```
+
+## Storage API
+
+Provides persistent storage for extension data.
+
+### Local Storage
+
+```typescript
+// Store data
+storage.local.set(key: string, value: any): Promise<void>
+
+// Retrieve data
+storage.local.get(key: string): Promise<any>
+
+// Remove data
+storage.local.remove(key: string): Promise<void>
+
+// Clear all extension data
+storage.local.clear(): Promise<void>
+```
+
+### Workspace Storage
+
+Workspace storage is shared across all users for collaborative features.
+
+```typescript
+storage.workspace.set(key: string, value: any): Promise<void>
+storage.workspace.get(key: string): Promise<any>
+storage.workspace.remove(key: string): Promise<void>
+```
+
+## Network API
+
+Utilities for making API calls to Superset.
+
+### fetch
+
+Enhanced fetch with CSRF token handling.
+
+```typescript
+network.fetch(url: string, options?: RequestInit): Promise<Response>
+```
+
+### API Client
+
+Type-safe API client for Superset endpoints.
+
+```typescript
+// Get chart data
+network.api.charts.get(id: number): Promise<Chart>
+
+// Query database
+network.api.sqlLab.execute(
+  databaseId: number,
+  query: string
+): Promise<QueryResult>
+
+// Get datasets
+network.api.datasets.list(): Promise<Dataset[]>
+```
+
+## Utility Functions
+
+### Formatting
+
+```typescript
+// Format numbers
+utils.formatNumber(value: number, format?: string): string
+
+// Format dates
+utils.formatDate(date: Date, format?: string): string
+
+// Format SQL
+utils.formatSQL(sql: string): string
+```
+
+### Validation
+
+```typescript
+// Validate SQL syntax
+utils.validateSQL(sql: string): ValidationResult
+
+// Check if valid database ID
+utils.isValidDatabaseId(id: any): boolean
+```
+
+## TypeScript Types
+
+Import common types for type safety:
+
+```typescript
+import type {
+  Database,
+  Dataset,
+  Chart,
+  Dashboard,
+  Query,
+  QueryResult,
+  Tab,
+  Panel,
+  User,
+  Role,
+  Permission,
+  ExtensionContext,
+  Disposable,
+  Event,
+  // ... more types
+} from '@apache-superset/core';
+```
+
+## Extension Context
+
+The context object passed to your extension's `activate` function:
+
+```typescript
+interface ExtensionContext {
+  // Subscription management
+  subscriptions: Disposable[];
+
+  // Extension metadata
+  extensionId: string;
+  extensionPath: string;
+
+  // API namespaces
+  core: CoreAPI;
+  commands: CommandsAPI;
+  sqlLab: SqlLabAPI;
+  authentication: AuthenticationAPI;
+  extensions: ExtensionsAPI;
+  storage: StorageAPI;
+  network: NetworkAPI;
+  utils: UtilsAPI;
+
+  // Logging
+  logger: Logger;
+}
+```
+
+## Event Handling
+
+Events follow the VS Code pattern with subscribe/dispose:
+
+```typescript
+// Subscribe to event
+const disposable = sqlLab.onDidQueryRun((result) => {
+  // Handle event
+});
+
+// Dispose when done
+disposable.dispose();
+
+// Or add to context for automatic cleanup
+context.subscriptions.push(disposable);
+```
+
+## Best Practices
+
+1. **Always dispose subscriptions** to prevent memory leaks
+2. **Use TypeScript** for better IDE support and type safety
+3. **Handle errors gracefully** with try-catch blocks
+4. **Check permissions** before sensitive operations
+5. **Use provided UI components** for consistency
+6. **Cache API responses** when appropriate
+7. **Validate user input** before processing
+
+## Version Compatibility
+
+The frontend API follows semantic versioning:
+
+- **Major version**: Breaking changes
+- **Minor version**: New features, backward compatible
+- **Patch version**: Bug fixes
+
+Check compatibility in your `extension.json`:
+
+```json
+{
+  "engines": {
+    "@apache-superset/core": "^1.0.0"
+  }
+}
+```

docs/developer_portal/architecture/overview.md

@@ -0,0 +1,348 @@
+---
+title: Architecture Overview
+sidebar_position: 1
+hide_title: true
+---
+
+<!--
+    Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+-->
+
+# Extension Architecture Overview
+
+The Superset extension architecture is designed to be modular, secure, and performant. This document provides a comprehensive overview of how extensions work and interact with the Superset host application.
+
+## Core Principles
+
+### 1. Lean Core
+Superset's core remains minimal, with features delegated to extensions wherever possible. Built-in features use the same APIs as external extensions, ensuring API quality through dogfooding.
+
+### 2. Explicit Contribution Points
+All extension points are clearly defined and documented. Extensions declare their capabilities in metadata files, enabling predictable lifecycle management.
+
+### 3. Versioned APIs
+Public interfaces follow semantic versioning, ensuring backward compatibility and safe evolution of the platform.
+
+### 4. Lazy Loading
+Extensions load only when needed, minimizing performance impact and resource consumption.
+
+### 5. Composability
+Architecture patterns and APIs are reusable across different Superset modules, promoting consistency.
+
+### 6. Community-Driven
+The system evolves based on real-world feedback, with new extension points added as needs emerge.
+
+## System Architecture
+
+```mermaid
+graph TB
+    subgraph "Superset Host Application"
+        Core[Core Application]
+        API[Extension APIs]
+        Loader[Extension Loader]
+        Manager[Extension Manager]
+    end
+
+    subgraph "Core Packages"
+        FrontendCore["@apache-superset/core<br/>(Frontend)"]
+        BackendCore["apache-superset-core<br/>(Backend)"]
+        CLI["apache-superset-extensions-cli"]
+    end
+
+    subgraph "Extension"
+        Metadata[extension.json]
+        Frontend[Frontend Code]
+        Backend[Backend Code]
+        Bundle[.supx Bundle]
+    end
+
+    Core --> API
+    API --> FrontendCore
+    API --> BackendCore
+    Loader --> Manager
+    Manager --> Bundle
+    Frontend --> FrontendCore
+    Backend --> BackendCore
+    CLI --> Bundle
+```
+
+## Key Components
+
+### Host Application
+
+The Superset host application provides:
+
+- **Extension APIs**: Well-defined interfaces for extensions to interact with Superset
+- **Extension Manager**: Handles lifecycle, activation, and deactivation
+- **Module Loader**: Dynamically loads extension code using Webpack Module Federation
+- **Security Context**: Manages permissions and sandboxing for extensions
+
+### Core Packages
+
+#### @apache-superset/core (Frontend)
+- Shared UI components and utilities
+- TypeScript type definitions
+- Frontend API implementations
+- Event system and command registry
+
+#### apache-superset-core (Backend)
+- Python base classes and utilities
+- Database access APIs
+- Security and permission helpers
+- REST API registration
+
+#### apache-superset-extensions-cli
+- Project scaffolding
+- Build and bundling tools
+- Development server
+- Package management
+
+### Extension Structure
+
+Each extension consists of:
+
+- **Metadata** (`extension.json`): Declares capabilities and requirements
+- **Frontend**: React components and TypeScript code
+- **Backend**: Python modules and API endpoints
+- **Assets**: Styles, images, and other resources
+- **Bundle** (`.supx`): Packaged distribution format
+
+## Module Federation
+
+Extensions use Webpack Module Federation for dynamic loading:
+
+```javascript
+// Extension webpack.config.js
+new ModuleFederationPlugin({
+  name: 'my_extension',
+  filename: 'remoteEntry.[contenthash].js',
+  exposes: {
+    './index': './src/index.tsx',
+  },
+  externals: {
+    '@apache-superset/core': 'superset',
+  },
+  shared: {
+    react: { singleton: true },
+    'react-dom': { singleton: true },
+  }
+})
+```
+
+This allows:
+- **Independent builds**: Extensions compile separately from Superset
+- **Shared dependencies**: Common libraries like React aren't duplicated
+- **Dynamic loading**: Extensions load at runtime without rebuilding Superset
+- **Version compatibility**: Extensions declare compatible core versions
+
+## Extension Lifecycle
+
+### 1. Registration
+```typescript
+// Extension registered with host
+extensionManager.register({
+  name: 'my-extension',
+  version: '1.0.0',
+  manifest: manifestData
+});
+```
+
+### 2. Activation
+```typescript
+// activate() called when extension loads
+export function activate(context: ExtensionContext) {
+  // Register contributions
+  const disposables = [];
+
+  // Add panel
+  disposables.push(
+    context.core.registerView('my-panel', MyPanel)
+  );
+
+  // Register command
+  disposables.push(
+    context.commands.registerCommand('my-command', {
+      execute: () => { /* ... */ }
+    })
+  );
+
+  // Store for cleanup
+  context.subscriptions.push(...disposables);
+}
+```
+
+### 3. Runtime
+- Extension responds to events
+- Provides UI components when requested
+- Executes commands when triggered
+- Accesses APIs as needed
+
+### 4. Deactivation
+```typescript
+// Automatic cleanup of registered items
+export function deactivate() {
+  // context.subscriptions automatically disposed
+  // Additional cleanup if needed
+}
+```
+
+## Contribution Types
+
+### Views
+Extensions can add panels and UI components:
+
+```json
+{
+  "views": {
+    "sqllab.panels": [{
+      "id": "my-panel",
+      "name": "My Panel",
+      "icon": "ToolOutlined"
+    }]
+  }
+}
+```
+
+### Commands
+Define executable actions:
+
+```json
+{
+  "commands": [{
+    "command": "my-extension.run",
+    "title": "Run Analysis",
+    "icon": "PlayCircleOutlined"
+  }]
+}
+```
+
+### Menus
+Add items to existing menus:
+
+```json
+{
+  "menus": {
+    "sqllab.editor": {
+      "primary": [{
+        "command": "my-extension.run",
+        "when": "editorHasSelection"
+      }]
+    }
+  }
+}
+```
+
+### API Endpoints
+Register backend REST endpoints:
+
+```python
+from superset_core.api import rest_api
+
+@rest_api.route('/my-endpoint')
+def my_endpoint():
+    return {'data': 'value'}
+```
+
+## Security Model
+
+### Permissions
+- Extensions run with user's permissions
+- No elevation of privileges
+- Access controlled by Superset's RBAC
+
+### Sandboxing
+- Frontend code runs in browser context
+- Backend code runs in Python process
+- Future: Optional sandboxed execution
+
+### Validation
+- Manifest validation on upload
+- Signature verification (future)
+- Dependency scanning
+
+## Performance Considerations
+
+### Lazy Loading
+- Extensions load only when features are accessed
+- Code splitting for large extensions
+- Cached after first load
+
+### Bundle Optimization
+- Tree shaking removes unused code
+- Minification reduces size
+- Compression for network transfer
+
+### Resource Management
+- Automatic cleanup on deactivation
+- Memory leak prevention
+- Event listener management
+
+## Development vs Production
+
+### Development Mode
+```python
+# superset_config.py
+ENABLE_EXTENSIONS = True
+LOCAL_EXTENSIONS = ['/path/to/extension']
+```
+- Hot reloading
+- Source maps
+- Debug logging
+
+### Production Mode
+- Optimized bundles
+- Cached assets
+- Performance monitoring
+
+## Future Enhancements
+
+### Planned Features
+- Enhanced sandboxing
+- Extension marketplace
+- Inter-extension communication
+- Theme contributions
+- Chart type extensions
+
+### API Expansion
+- Dashboard extensions
+- Database connector API
+- Security provider interface
+- Workflow automation
+
+## Best Practices
+
+### Do's
+- ✅ Use TypeScript for type safety
+- ✅ Follow semantic versioning
+- ✅ Handle errors gracefully
+- ✅ Clean up resources properly
+- ✅ Document your extension
+
+### Don'ts
+- ❌ Access private APIs
+- ❌ Modify global state directly
+- ❌ Block the main thread
+- ❌ Store sensitive data insecurely
+- ❌ Assume API stability in 0.x versions
+
+## Learn More
+
+- [API Reference](../api/frontend)
+- [Development Guide](../getting-started)
+- [Security Guidelines](./security)
+- [Performance Optimization](./performance)

docs/developer_portal/cli/overview.md

@@ -0,0 +1,466 @@
+<!--
+    Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+-->
+---
+title: CLI Documentation
+sidebar_position: 1
+hide_title: true
+---
+
+# Superset Extensions CLI
+
+The `apache-superset-extensions-cli` provides command-line tools for creating, developing, and packaging Superset extensions.
+
+## Installation
+
+```bash
+pip install apache-superset-extensions-cli
+```
+
+## Commands
+
+### init
+
+Creates a new extension project with the standard folder structure.
+
+```bash
+superset-extensions init <extension-name> [options]
+```
+
+**Options:**
+- `--template <template>`: Use a specific template (default: basic)
+- `--author <name>`: Set the author name
+- `--description <text>`: Set the extension description
+- `--with-backend`: Include backend code structure
+
+**Example:**
+```bash
+superset-extensions init my-extension \
+  --author "John Doe" \
+  --description "Adds custom analytics to SQL Lab" \
+  --with-backend
+```
+
+**Generated Structure:**
+```
+my-extension/
+├── extension.json
+├── frontend/
+│   ├── src/
+│   │   └── index.tsx
+│   ├── package.json
+│   ├── tsconfig.json
+│   └── webpack.config.js
+├── backend/
+│   ├── src/
+│   │   └── my_extension/
+│   │       ├── __init__.py
+│   │       └── entrypoint.py
+│   ├── tests/
+│   ├── pyproject.toml
+│   └── requirements.txt
+└── README.md
+```
+
+### dev
+
+Starts the development server with hot reloading.
+
+```bash
+superset-extensions dev [options]
+```
+
+**Options:**
+- `--port <port>`: Development server port (default: 9001)
+- `--host <host>`: Development server host (default: localhost)
+- `--no-watch`: Disable file watching
+- `--verbose`: Show detailed output
+
+**Example:**
+```bash
+# Start development server
+superset-extensions dev
+
+# Output:
+⚙️  Building frontend assets...
+✅ Frontend rebuilt
+✅ Backend files synced
+✅ Manifest updated
+👀 Watching for changes...
+```
+
+### build
+
+Builds the extension for production.
+
+```bash
+superset-extensions build [options]
+```
+
+**Options:**
+- `--mode <mode>`: Build mode (development | production)
+- `--analyze`: Generate bundle analysis
+- `--source-maps`: Include source maps
+
+**Example:**
+```bash
+# Production build
+superset-extensions build --mode production
+
+# With analysis
+superset-extensions build --analyze
+```
+
+### bundle
+
+Creates a `.supx` package for distribution.
+
+```bash
+superset-extensions bundle [options]
+```
+
+**Options:**
+- `--output <path>`: Output directory (default: current)
+- `--sign`: Sign the package (requires certificate)
+- `--compress`: Compression level (0-9, default: 6)
+
+**Example:**
+```bash
+# Create bundle
+superset-extensions bundle
+
+# Creates: my-extension-1.0.0.supx
+```
+
+### validate
+
+Validates extension configuration and structure.
+
+```bash
+superset-extensions validate [options]
+```
+
+**Options:**
+- `--fix`: Auto-fix common issues
+- `--strict`: Enable strict validation
+
+**Checks:**
+- Valid extension.json syntax
+- Required files present
+- Dependency versions
+- Module exports
+- TypeScript configuration
+
+**Example:**
+```bash
+superset-extensions validate --strict
+
+# Output:
+✅ extension.json valid
+✅ Frontend structure valid
+✅ Backend structure valid
+⚠️  Warning: Missing LICENSE file
+✅ Validation passed with warnings
+```
+
+### test
+
+Runs extension tests.
+
+```bash
+superset-extensions test [options]
+```
+
+**Options:**
+- `--coverage`: Generate coverage report
+- `--watch`: Run in watch mode
+- `--frontend-only`: Run only frontend tests
+- `--backend-only`: Run only backend tests
+
+**Example:**
+```bash
+# Run all tests
+superset-extensions test --coverage
+
+# Watch mode for frontend
+superset-extensions test --frontend-only --watch
+```
+
+### publish
+
+Publishes extension to a registry (future feature).
+
+```bash
+superset-extensions publish [options]
+```
+
+**Options:**
+- `--registry <url>`: Registry URL
+- `--token <token>`: Authentication token
+- `--dry-run`: Simulate publish
+
+## Configuration
+
+### Project Configuration
+
+The CLI reads configuration from multiple sources:
+
+1. **extension.json** - Extension metadata
+2. **package.json** - Frontend dependencies
+3. **pyproject.toml** - Backend configuration
+4. **.extensionrc** - CLI-specific settings
+
+### .extensionrc Example
+
+```json
+{
+  "dev": {
+    "port": 9001,
+    "host": "localhost",
+    "autoReload": true
+  },
+  "build": {
+    "mode": "production",
+    "sourceMaps": false,
+    "optimization": true
+  },
+  "test": {
+    "coverage": true,
+    "threshold": {
+      "statements": 80,
+      "branches": 70,
+      "functions": 80,
+      "lines": 80
+    }
+  }
+}
+```
+
+## Templates
+
+### Available Templates
+
+- **basic**: Simple extension with frontend only
+- **full-stack**: Frontend and backend components
+- **sql-panel**: SQL Lab panel extension
+- **api-only**: Backend API extension
+- **chart-plugin**: Custom chart visualization
+
+### Using Templates
+
+```bash
+# Use specific template
+superset-extensions init my-chart --template chart-plugin
+
+# List available templates
+superset-extensions init --list-templates
+```
+
+### Custom Templates
+
+Create custom templates in `~/.superset-extensions/templates/`:
+
+```
+~/.superset-extensions/templates/
+└── my-template/
+    ├── template.json
+    └── files/
+        └── ... template files ...
+```
+
+## Development Workflow
+
+### 1. Create Extension
+
+```bash
+superset-extensions init awesome-feature
+cd awesome-feature
+```
+
+### 2. Install Dependencies
+
+```bash
+# Frontend
+cd frontend && npm install
+
+# Backend (if applicable)
+cd ../backend && pip install -r requirements.txt
+```
+
+### 3. Configure Superset
+
+```python
+# superset_config.py
+ENABLE_EXTENSIONS = True
+LOCAL_EXTENSIONS = [
+    "/path/to/awesome-feature"
+]
+```
+
+### 4. Start Development
+
+```bash
+# Terminal 1: Extension dev server
+superset-extensions dev
+
+# Terminal 2: Superset
+superset run -p 8088 --reload
+```
+
+### 5. Test Changes
+
+Make changes to your code and see them reflected immediately in Superset.
+
+### 6. Build and Package
+
+```bash
+# Validate
+superset-extensions validate
+
+# Test
+superset-extensions test
+
+# Build
+superset-extensions build --mode production
+
+# Bundle
+superset-extensions bundle
+```
+
+### 7. Deploy
+
+Upload the `.supx` file to your Superset instance.
+
+## Environment Variables
+
+The CLI respects these environment variables:
+
+- `SUPERSET_EXTENSIONS_DEV_PORT`: Development server port
+- `SUPERSET_EXTENSIONS_DEV_HOST`: Development server host
+- `SUPERSET_BASE_URL`: Superset instance URL
+- `NODE_ENV`: Node environment (development/production)
+- `PYTHONPATH`: Python module search path
+
+## Troubleshooting
+
+### Common Issues
+
+#### Port Already in Use
+
+```bash
+# Use different port
+superset-extensions dev --port 9002
+```
+
+#### Module Federation Errors
+
+```bash
+# Rebuild with clean cache
+rm -rf dist/ node_modules/.cache
+superset-extensions build
+```
+
+#### Python Import Errors
+
+```bash
+# Ensure virtual environment is activated
+source venv/bin/activate
+superset-extensions dev
+```
+
+### Debug Mode
+
+Enable verbose output for troubleshooting:
+
+```bash
+# Verbose output
+superset-extensions dev --verbose
+
+# Debug webpack
+DEBUG=webpack:* superset-extensions build
+```
+
+## Best Practices
+
+1. **Version Control**: Commit `extension.json` but not `dist/`
+2. **Dependencies**: Pin versions in package.json
+3. **Testing**: Write tests for critical functionality
+4. **Documentation**: Keep README.md updated
+5. **Validation**: Run validate before bundling
+6. **Semantic Versioning**: Follow semver for releases
+
+## Advanced Usage
+
+### Custom Webpack Configuration
+
+Extend the default webpack config:
+
+```javascript
+// webpack.config.js
+const baseConfig = require('./webpack.base.config');
+
+module.exports = {
+  ...baseConfig,
+  // Custom modifications
+  resolve: {
+    ...baseConfig.resolve,
+    alias: {
+      '@': path.resolve(__dirname, 'src'),
+    },
+  },
+};
+```
+
+### CI/CD Integration
+
+```yaml
+# .github/workflows/extension.yml
+name: Extension CI
+
+on: [push, pull_request]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+      - uses: actions/setup-python@v2
+
+      - name: Install CLI
+        run: pip install apache-superset-extensions-cli
+
+      - name: Validate
+        run: superset-extensions validate --strict
+
+      - name: Test
+        run: superset-extensions test --coverage
+
+      - name: Build
+        run: superset-extensions build --mode production
+
+      - name: Bundle
+        run: superset-extensions bundle
+```
+
+## Getting Help
+
+- **Documentation**: [Developer Portal](../)
+- **Examples**: [GitHub Repository](https://github.com/apache/superset/tree/master/extensions)
+- **Issues**: [GitHub Issues](https://github.com/apache/superset/issues)
+- **Community**: [Slack Channel](https://apache-superset.slack.com)

docs/developer_portal/contributing/code-review.md

@@ -1,339 +0,0 @@
----
-title: Code Review Process
-sidebar_position: 4
----
-
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements.  See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership.  The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied.  See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-
-# Code Review Process
-
-Understand how code reviews work in Apache Superset and how to participate effectively.
-
-## Overview
-
-Code review is a critical part of maintaining code quality and sharing knowledge across the team. Every change to Superset goes through peer review before merging.
-
-## For Authors
-
-### Preparing for Review
-
-#### Before Requesting Review
-- [ ] Self-review your changes
-- [ ] Ensure CI checks pass
-- [ ] Add comprehensive tests
-- [ ] Update documentation
-- [ ] Fill out PR template completely
-- [ ] Add screenshots for UI changes
-
-#### Self-Review Checklist
-```bash
-# View your changes
-git diff upstream/master
-
-# Check for common issues:
-# - Commented out code
-# - Debug statements (console.log, print)
-# - TODO comments that should be addressed
-# - Hardcoded values that should be configurable
-# - Missing error handling
-# - Performance implications
-```
-
-### Requesting Review
-
-#### Auto-Assignment
-GitHub will automatically request reviews based on CODEOWNERS file.
-
-#### Manual Assignment
-For specific expertise, request additional reviewers:
-- Frontend changes: Tag frontend experts
-- Backend changes: Tag backend experts
-- Security changes: Tag security team
-- Database changes: Tag database experts
-
-#### Review Request Message
-```markdown
-@reviewer This PR implements [feature]. Could you please review:
-1. The approach taken in [file]
-2. Performance implications of [change]
-3. Security considerations for [feature]
-
-Thanks!
-```
-
-### Responding to Feedback
-
-#### Best Practices
-- **Be receptive**: Reviews improve code quality
-- **Ask questions**: Clarify if feedback is unclear
-- **Explain decisions**: Share context for your choices
-- **Update promptly**: Address feedback in timely manner
-
-#### Comment Responses
-```markdown
-# Acknowledging
-"Good catch! Fixed in [commit hash]"
-
-# Explaining
-"I chose this approach because [reason]. Would you prefer [alternative]?"
-
-# Questioning
-"Could you elaborate on [concern]? I'm not sure I understand the issue."
-
-# Disagreeing respectfully
-"I see your point, but I think [current approach] because [reason]. What do you think?"
-```
-
-## For Reviewers
-
-### Review Responsibilities
-
-#### What to Review
-1. **Correctness**: Does the code do what it claims?
-2. **Design**: Is the approach appropriate?
-3. **Clarity**: Is the code readable and maintainable?
-4. **Testing**: Are tests comprehensive?
-5. **Performance**: Any performance concerns?
-6. **Security**: Any security issues?
-7. **Documentation**: Is it well documented?
-
-### Review Checklist
-
-#### Functionality
-- [ ] Feature works as described
-- [ ] Edge cases are handled
-- [ ] Error handling is appropriate
-- [ ] Backwards compatibility maintained
-
-#### Code Quality
-- [ ] Follows project conventions
-- [ ] No code duplication
-- [ ] Clear variable/function names
-- [ ] Appropriate abstraction levels
-- [ ] SOLID principles followed
-
-#### Testing
-- [ ] Unit tests for business logic
-- [ ] Integration tests for APIs
-- [ ] E2E tests for critical paths
-- [ ] Tests are maintainable
-- [ ] Good test coverage
-
-#### Security
-- [ ] Input validation
-- [ ] SQL injection prevention
-- [ ] XSS prevention
-- [ ] CSRF protection
-- [ ] Authentication/authorization checks
-- [ ] No sensitive data in logs
-
-#### Performance
-- [ ] Database queries optimized
-- [ ] No N+1 queries
-- [ ] Appropriate caching
-- [ ] Frontend bundle size impact
-- [ ] Memory usage considerations
-
-### Providing Feedback
-
-#### Effective Comments
-
-```python
-# ✅ Good: Specific and actionable
-"This query could cause N+1 problems. Consider using
-`select_related('user')` to fetch users in a single query."
-
-# ❌ Bad: Vague
-"This doesn't look right."
-```
-
-```typescript
-// ✅ Good: Suggests improvement
-"Consider using useMemo here to prevent unnecessary
-re-renders when dependencies haven't changed."
-
-// ❌ Bad: Just criticism
-"This is inefficient."
-```
-
-#### Comment Types
-
-**Use GitHub's comment types:**
-- **Comment**: General feedback or questions
-- **Approve**: Changes look good
-- **Request Changes**: Must be addressed before merge
-
-**Prefix conventions:**
-- `nit:` Minor issue (non-blocking)
-- `suggestion:` Recommended improvement
-- `question:` Seeking clarification
-- `blocker:` Must be fixed
-- `praise:` Highlighting good work
-
-#### Examples
-
-```markdown
-nit: Consider renaming `getData` to `fetchUserData` for clarity
-
-suggestion: This could be simplified using Array.reduce()
-
-question: Is this intentionally not handling the error case?
-
-blocker: This SQL is vulnerable to injection. Please use parameterized queries.
-
-praise: Excellent test coverage! 👍
-```
-
-## Review Process
-
-### Timeline
-
-#### Expected Response Times
-- **Initial review**: Within 2-3 business days
-- **Follow-up review**: Within 1-2 business days
-- **Critical fixes**: ASAP (tag in Slack)
-
-#### Escalation
-If no response after 3 days:
-1. Ping reviewer in PR comments
-2. Ask in #development Slack channel
-3. Tag @apache/superset-committers
-
-### Approval Requirements
-
-#### Minimum Requirements
-- **1 approval** from a committer for minor changes
-- **2 approvals** for significant features
-- **3 approvals** for breaking changes
-
-#### Special Cases
-- **Security changes**: Require security team review
-- **API changes**: Require API team review
-- **Database migrations**: Require database expert review
-- **UI/UX changes**: Require design review
-
-### Merge Process
-
-#### Who Can Merge
-- Committers with write access
-- After all requirements met
-- CI checks must pass
-
-#### Merge Methods
-- **Squash and merge**: Default for feature PRs
-- **Rebase and merge**: For clean history
-- **Create merge commit**: Rarely used
-
-#### Merge Checklist
-- [ ] All CI checks green
-- [ ] Required approvals obtained
-- [ ] No unresolved conversations
-- [ ] PR title follows conventions
-- [ ] Milestone set (if applicable)
-
-## Review Etiquette
-
-### Do's
-- ✅ Be kind and constructive
-- ✅ Acknowledge time and effort
-- ✅ Provide specific examples
-- ✅ Suggest solutions
-- ✅ Praise good work
-- ✅ Consider cultural differences
-- ✅ Focus on the code, not the person
-
-### Don'ts
-- ❌ Use harsh or dismissive language
-- ❌ Bikeshed on minor preferences
-- ❌ Review when tired or frustrated
-- ❌ Make personal attacks
-- ❌ Ignore the PR description
-- ❌ Demand perfection
-
-## Becoming a Reviewer
-
-### Path to Reviewer
-1. **Contribute regularly**: Submit quality PRs
-2. **Participate in discussions**: Share knowledge
-3. **Review others' code**: Start with comments
-4. **Build expertise**: Focus on specific areas
-5. **Get nominated**: By existing committers
-
-### Reviewer Expectations
-- Review PRs in your area of expertise
-- Respond within reasonable time
-- Mentor new contributors
-- Maintain high standards
-- Stay current with best practices
-
-## Advanced Topics
-
-### Reviewing Large PRs
-
-#### Strategy
-1. **Request splitting**: Ask to break into smaller PRs
-2. **Review in phases**:
-   - Architecture/approach first
-   - Implementation details second
-   - Tests and docs last
-3. **Use draft reviews**: Save comments and submit together
-
-### Cross-Team Reviews
-
-#### When Needed
-- Changes affecting multiple teams
-- Shared components/libraries
-- API contract changes
-- Database schema changes
-
-### Performance Reviews
-
-#### Tools
-```python
-# Backend performance
-import cProfile
-import pstats
-
-# Profile the code
-cProfile.run('function_to_profile()', 'stats.prof')
-stats = pstats.Stats('stats.prof')
-stats.sort_stats('cumulative').print_stats(10)
-```
-
-```typescript
-// Frontend performance
-// Use React DevTools Profiler
-// Chrome DevTools Performance tab
-// Lighthouse audits
-```
-
-## Resources
-
-### Internal
-- [Coding Guidelines](../guidelines/design-guidelines)
-- [Testing Guide](../testing/overview)
-- [Extension Architecture](../extensions/architecture)
-
-### External
-- [Google's Code Review Guide](https://google.github.io/eng-practices/review/)
-- [Best Practices for Code Review](https://smartbear.com/learn/code-review/best-practices-for-peer-code-review/)
-- [The Art of Readable Code](https://www.oreilly.com/library/view/the-art-of/9781449318482/)
-
-Next: [Reporting issues effectively](./issue-reporting)

docs/developer_portal/contributing/guidelines.md

@@ -1,415 +0,0 @@
----
-title: Contribution Guidelines
-sidebar_position: 4
----
-
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements.  See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership.  The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied.  See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-
-# Contribution Guidelines
-
-## Pull Request Guidelines
-
-A philosophy we would like to strongly encourage is
-
-> Before creating a PR, create an issue.
-
-The purpose is to separate problem from possible solutions.
-
-**Bug fixes:** If you're only fixing a small bug, it's fine to submit a pull request right away but we highly recommend filing an issue detailing what you're fixing. This is helpful in case we don't accept that specific fix but want to keep track of the issue. Please keep in mind that the project maintainers reserve the rights to accept or reject incoming PRs, so it is better to separate the issue and the code to fix it from each other. In some cases, project maintainers may request you to create a separate issue from PR before proceeding.
-
-**Refactor:** For small refactors, it can be a standalone PR itself detailing what you are refactoring and why. If there are concerns, project maintainers may request you to create a `#SIP` for the PR before proceeding.
-
-**Feature/Large changes:** If you intend to change the public API, or make any non-trivial changes to the implementation, we require you to file a new issue as `#SIP` (Superset Improvement Proposal). This lets us reach an agreement on your proposal before you put significant effort into it. You are welcome to submit a PR along with the SIP (sometimes necessary for demonstration), but we will not review/merge the code until the SIP is approved.
-
-In general, small PRs are always easier to review than large PRs. The best practice is to break your work into smaller independent PRs and refer to the same issue. This will greatly reduce turnaround time.
-
-If you wish to share your work which is not ready to merge yet, create a [Draft PR](https://github.blog/2019-02-14-introducing-draft-pull-requests/). This will enable maintainers and the CI runner to prioritize mature PR's.
-
-Finally, never submit a PR that will put master branch in broken state. If the PR is part of multiple PRs to complete a large feature and cannot work on its own, you can create a feature branch and merge all related PRs into the feature branch before creating a PR from feature branch to master.
-
-### Protocol
-
-#### Authoring
-
-- Fill in all sections of the PR template.
-- Title the PR with one of the following semantic prefixes (inspired by [Karma](http://karma-runner.github.io/0.10/dev/git-commit-msg.html])):
-
-  - `feat` (new feature)
-  - `fix` (bug fix)
-  - `docs` (changes to the documentation)
-  - `style` (formatting, missing semi colons, etc; no application logic change)
-  - `refactor` (refactoring code)
-  - `test` (adding missing tests, refactoring tests; no application logic change)
-  - `chore` (updating tasks etc; no application logic change)
-  - `perf` (performance-related change)
-  - `build` (build tooling, Docker configuration change)
-  - `ci` (test runner, GitHub Actions workflow changes)
-  - `other` (changes that don't correspond to the above -- should be rare!)
-  - Examples:
-    - `feat: export charts as ZIP files`
-    - `perf(api): improve API info performance`
-    - `fix(chart-api): cached-indicator always shows value is cached`
-
-- Add prefix `[WIP]` to title if not ready for review (WIP = work-in-progress). We recommend creating a PR with `[WIP]` first and remove it once you have passed CI test and read through your code changes at least once.
-- If you believe your PR contributes a potentially breaking change, put a `!` after the semantic prefix but before the colon in the PR title, like so: `feat!: Added foo functionality to bar`
-- **Screenshots/GIFs:** Changes to user interface require before/after screenshots, or GIF for interactions
-  - Recommended capture tools ([Kap](https://getkap.co/), [LICEcap](https://www.cockos.com/licecap/), [Skitch](https://download.cnet.com/Skitch/3000-13455_4-189876.html))
-  - If no screenshot is provided, the committers will mark the PR with `need:screenshot` label and will not review until screenshot is provided.
-- **Dependencies:** Be careful about adding new dependency and avoid unnecessary dependencies.
-  - For Python, include it in `pyproject.toml` denoting any specific restrictions and
-    in `requirements.txt` pinned to a specific version which ensures that the application
-    build is deterministic.
-  - For TypeScript/JavaScript, include new libraries in `package.json`
-- **Tests:** The pull request should include tests, either as doctests, unit tests, or both. Make sure to resolve all errors and test failures. See [Testing](./howtos#testing) for how to run tests.
-- **Documentation:** If the pull request adds functionality, the docs should be updated as part of the same PR.
-- **CI:** Reviewers will not review the code until all CI tests are passed. Sometimes there can be flaky tests. You can close and open PR to re-run CI test. Please report if the issue persists. After the CI fix has been deployed to `master`, please rebase your PR.
-- **Code coverage:** Please ensure that code coverage does not decrease.
-- Remove `[WIP]` when ready for review. Please note that it may be merged soon after approved so please make sure the PR is ready to merge and do not expect more time for post-approval edits.
-- If the PR was not ready for review and inactive for > 30 days, we will close it due to inactivity. The author is welcome to re-open and update.
-
-#### Reviewing
-
-- Use constructive tone when writing reviews.
-- If there are changes required, state clearly what needs to be done before the PR can be approved.
-- If you are asked to update your pull request with some changes there's no need to create a new one. Push your changes to the same branch.
-- The committers reserve the right to reject any PR and in some cases may request the author to file an issue.
-
-#### Test Environments
-
-- Members of the Apache GitHub org can launch an ephemeral test environment directly on a pull request by creating a comment containing (only) the command `/testenv up`.
-  - Note that org membership must be public in order for this validation to function properly.
-- Feature flags may be set for a test environment by specifying the flag name (prefixed with `FEATURE_`) and value after the command.
-  - Format: `/testenv up FEATURE_<feature flag name>=true|false`
-  - Example: `/testenv up FEATURE_DASHBOARD_NATIVE_FILTERS=true`
-  - Multiple feature flags may be set in single command, separated by whitespace
-- A comment will be created by the workflow script with the address and login information for the ephemeral environment.
-- Test environments may be created once the Docker build CI workflow for the PR has completed successfully.
-- Test environments do not currently update automatically when new commits are added to a pull request.
-- Test environments do not currently support async workers, though this is planned.
-- Running test environments will be shutdown upon closing the pull request.
-
-You can also access per-PR ephemeral environment directly using the following URL pattern:
-`https://pr-{PR_NUMBER}.superset.apache.org`
-
-#### Merging
-
-- At least one approval is required for merging a PR.
-- PR is usually left open for at least 24 hours before merging.
-- After the PR is merged, [close the corresponding issue(s)](https://help.github.com/articles/closing-issues-using-keywords/).
-
-#### Post-merge Responsibility
-
-- Project maintainers may contact the PR author if new issues are introduced by the PR.
-- Project maintainers may revert your changes if a critical issue is found, such as breaking master branch CI.
-
-## Managing Issues and PRs
-
-To handle issues and PRs that are coming in, committers read issues/PRs and flag them with labels to categorize and help contributors spot where to take actions, as contributors usually have different expertises.
-
-Triaging goals
-
-- **For issues:** Categorize, screen issues, flag required actions from authors.
-- **For PRs:** Categorize, flag required actions from authors. If PR is ready for review, flag required actions from reviewers.
-
-First, add **Category labels (a.k.a. hash labels)**. Every issue/PR must have one hash label (except spam entry). Labels that begin with `#` defines issue/PR type:
-
-| Label           | for Issue                                                                                                               | for PR                                                                                                                                            |
-| --------------- | ----------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `#bug`          | Bug report                                                                                                              | Bug fix                                                                                                                           |
-| `#code-quality` | Describe problem with code, architecture or productivity                                                                | Refactor, tests, tooling                                                                                                          |
-| `#feature`      | New feature request                                                                                                     | New feature implementation                                                                                                        |
-| `#refine`       | Propose improvement such as adjusting padding or refining UI style, excluding new features, bug fixes, and refactoring. | Implementation of improvement such as adjusting padding or refining UI style, excluding new features, bug fixes, and refactoring. |
-| `#doc`          | Documentation                                                                                                           | Documentation                                                                                                                     |
-| `#question`     | Troubleshooting: Installation, Running locally, Ask how to do something. Can be changed to `#bug` later.                | N/A                                                                                                                               |
-| `#SIP`          | Superset Improvement Proposal                                                                                           | N/A                                                                                                                               |
-| `#ASF`          | Tasks related to Apache Software Foundation policy                                                                      | Tasks related to Apache Software Foundation policy                                                                                |
-
-Then add other types of labels as appropriate.
-
-- **Descriptive labels (a.k.a. dot labels):** These labels that begin with `.` describe the details of the issue/PR, such as `.ui`, `.js`, `.install`, `.backend`, etc. Each issue/PR can have zero or more dot labels.
-- **Need labels:** These labels have pattern `need:xxx`, which describe the work required to progress, such as `need:rebase`, `need:update`, `need:screenshot`.
-- **Risk labels:** These labels have pattern `risk:xxx`, which describe the potential risk on adopting the work, such as `risk:db-migration`. The intention was to better understand the impact and create awareness for PRs that need more rigorous testing.
-- **Status labels:** These labels describe the status (`abandoned`, `wontfix`, `cant-reproduce`, etc.) Issue/PRs that are rejected or closed without completion should have one or more status labels.
-- **Version labels:** These have the pattern `vx.x` such as `v0.28`. Version labels on issues describe the version the bug was reported on. Version labels on PR describe the first release that will include the PR.
-
-Committers may also update title to reflect the issue/PR content if the author-provided title is not descriptive enough.
-
-If the PR passes CI tests and does not have any `need:` labels, it is ready for review, add label `review` and/or `design-review`.
-
-If an issue/PR has been inactive for at least 30 days, it will be closed. If it does not have any status label, add `inactive`.
-
-When creating a PR, if you're aiming to have it included in a specific release, please tag it with the version label. For example, to have a PR considered for inclusion in Superset 1.1 use the label `v1.1`.
-
-## Revert Guidelines
-
-Reverting changes that are causing issues in the master branch is a normal and expected part of the development process. In an open source community, the ramifications of a change cannot always be fully understood. With that in mind, here are some considerations to keep in mind when considering a revert:
-
-- **Availability of the PR author:** If the original PR author or the engineer who merged the code is highly available and can provide a fix in a reasonable time frame, this would counter-indicate reverting.
-- **Severity of the issue:** How severe is the problem on master? Is it keeping the project from moving forward? Is there user impact? What percentage of users will experience a problem?
-- **Size of the change being reverted:** Reverting a single small PR is a much lower-risk proposition than reverting a massive, multi-PR change.
-- **Age of the change being reverted:** Reverting a recently-merged PR will be more acceptable than reverting an older PR. A bug discovered in an older PR is unlikely to be causing widespread serious issues.
-- **Risk inherent in reverting:** Will the reversion break critical functionality? Is the medicine more dangerous than the disease?
-- **Difficulty of crafting a fix:** In the case of issues with a clear solution, it may be preferable to implement and merge a fix rather than a revert.
-
-Should you decide that reverting is desirable, it is the responsibility of the Contributor performing the revert to:
-
-- **Contact the interested parties:** The PR's author and the engineer who merged the work should both be contacted and informed of the revert.
-- **Provide concise reproduction steps:** Ensure that the issue can be clearly understood and duplicated by the original author of the PR.
-- **Put the revert through code review:** The revert must be approved by another committer.
-
-**Revert liberally to keep `master` stable**:
-- Build failures
-- Test failures
-- Critical bugs in production
-- Security vulnerabilities
-
-**How to revert**:
-1. Use GitHub's revert button when possible
-2. Create a PR with clear explanation
-3. Tag the original author
-4. Work with them on a fix
-
-## Design Guidelines
-
-### Capitalization Guidelines
-
-#### Sentence case
-
-Use sentence-case capitalization for everything in the UI (except these **).
-
-Sentence case is predominantly lowercase. Capitalize only the initial character of the first word, and other words that require capitalization, like:
-
-- **Proper nouns.** Objects in the product _are not_ considered proper nouns e.g. dashboards, charts, saved queries etc. Proprietary feature names eg. SQL Lab, Preset Manager _are_ considered proper nouns
-- **Acronyms** (e.g. CSS, HTML)
-- When referring to **UI labels that are themselves capitalized** from sentence case (e.g. page titles - Dashboards page, Charts page, Saved queries page, etc.)
-- User input that is reflected in the UI. E.g. a user-named a dashboard tab
-
-**Sentence case vs. Title case:**
-Title case: "A Dog Takes a Walk in Paris"
-Sentence case: "A dog takes a walk in Paris"
-
-**Why sentence case?**
-
-- It's generally accepted as the quickest to read
-- It's the easiest form to distinguish between common and proper nouns
-
-**Good examples:**
-- "Select a database"
-- "Create new chart"
-- "View all dashboards"
-
-**Bad examples:**
-- "Select a Database"
-- "Create New Chart"
-- "View All Dashboards"
-
-#### How to refer to UI elements
-
-When writing about a UI element, use the same capitalization as used in the UI.
-
-For example, if an input field is labeled "Name" then you refer to this as the "Name input field". Similarly, if a button has the label "Save" in it, then it is correct to refer to the "Save button".
-
-Where a product page is titled "Settings", you refer to this in writing as follows:
-"Edit your personal information on the Settings page".
-
-Often a product page will have the same title as the objects it contains. In this case, refer to the page as it appears in the UI, and the objects as common nouns:
-
-- Upload a dashboard on the Dashboards page
-- Go to Dashboards
-- View dashboard
-- View all dashboards
-- Upload CSS templates on the CSS templates page
-- Queries that you save will appear on the Saved queries page
-- Create custom queries in SQL Lab then create dashboards
-
-When writing about UI elements:
-- Use **bold** for clickable elements: "Click **Save**"
-- Use quotes for text fields: 'Enter "My Dashboard" in the name field'
-- Be specific about element types: button, link, dropdown, etc.
-
-#### **Exceptions to sentence case
-
-Only use title case for:
-- Product names (Apache Superset)
-- Proper nouns
-- Acronyms (SQL, API, CSV)
-- Input labels, buttons and UI tabs are all caps
-- User input values (e.g. column names, SQL Lab tab names) should be in their original case
-
-## Programming Language Conventions
-
-### Python
-
-We use:
-- **[Ruff](https://docs.astral.sh/ruff/)** for linting and formatting
-- **[Mypy](http://mypy-lang.org/)** for type checking
-
-Python code should:
-- Follow PEP 8
-- Use type hints for all new code
-- Use descriptive variable names
-- Include docstrings for modules, classes, and functions
-- Handle exceptions appropriately
-- Avoid global variables
-
-Parameters in the `config.py` (which are accessible via the Flask app.config dictionary) are
-assumed to always be defined and thus should be accessed directly via,
-
-```python
-blueprints = app.config["BLUEPRINTS"]
-```
-
-rather than,
-
-```python
-blueprints = app.config.get("BLUEPRINTS")
-```
-
-or similar as the later will cause typing issues. The former is of type `List[Callable]`
-whereas the later is of type `Optional[List[Callable]]`.
-
-#### Typing / Type Hints
-
-All new Python code should include type hints:
-
-To ensure clarity, consistency, all readability, _all_ new functions should use
-[type hints](https://docs.python.org/3/library/typing.html) and include a
-docstring.
-
-Note per [PEP-484](https://www.python.org/dev/peps/pep-0484/#exceptions) no
-syntax for listing explicitly raised exceptions is proposed and thus the
-recommendation is to put this information in a docstring, i.e.,
-
-```python
-import math
-from typing import List, Optional, Dict, Any, Union
-
-
-def sqrt(x: Union[float, int]) -> Union[float, int]:
-    """
-    Return the square root of x.
-
-    :param x: A number
-    :returns: The square root of the given number
-    :raises ValueError: If the number is negative
-    """
-
-    return math.sqrt(x)
-
-
-def process_data(
-    data: List[Dict[str, Any]],
-    filter_empty: bool = True
-) -> Optional[Dict[str, Any]]:
-    """
-    Process a list of data dictionaries.
-
-    Args:
-        data: List of dictionaries containing data
-        filter_empty: Whether to filter empty entries
-
-    Returns:
-        Processed data dictionary or None if no valid data
-    """
-    if not data:
-        return None
-
-    # Process data...
-    return processed_data
-```
-
-Use `mypy` to check types:
-```bash
-mypy superset
-```
-
-### TypeScript
-
-We use:
-- **ESLint** for linting
-- **Prettier** for formatting  
-- **TypeScript** strict mode
-
-TypeScript is fully supported and is the recommended language for writing all new frontend
-components. When modifying existing functions/components, migrating to TypeScript is
-appreciated, but not required. Examples of migrating functions/components to TypeScript can be
-found in [#9162](https://github.com/apache/superset/pull/9162) and [#9180](https://github.com/apache/superset/pull/9180).
-
-TypeScript code should:
-- Avoid `any` types - use proper TypeScript types
-- Use functional components with hooks for React
-- Include JSDoc comments for complex functions
-- Use consistent naming conventions
-- Handle errors appropriately
-
-Example:
-```typescript
-interface User {
-  id: number;
-  name: string;
-  email?: string;
-}
-
-export function processUser(user: User): string {
-  // Avoid using 'any'
-  const { name, email } = user;
-  return email ? `${name} <${email}>` : name;
-}
-```
-
-## Additional Guidelines
-
-### Commit Messages
-
-- Use clear, descriptive commit messages
-- Start with a verb in imperative mood
-- Reference issue numbers when applicable
-
-Good: "Fix dashboard filter bug when dataset is deleted"
-Bad: "Fixed stuff"
-
-### Code Review Etiquette
-
-- Be respectful and constructive
-- Focus on the code, not the person
-- Provide specific suggestions for improvement
-- Acknowledge good work
-- Be open to different approaches
-
-### Documentation
-
-- Update docs for any user-facing changes
-- Include code examples where helpful
-- Keep language clear and concise
-- Test documentation changes locally
-
-### Security
-
-- Never commit secrets or credentials
-- Validate all user input
-- Use parameterized queries for SQL
-- Follow OWASP guidelines
-- Report security issues privately to private@superset.apache.org
-
-## Questions?
-
-If you have questions about these guidelines, ask in:
-- [Slack #development](https://apache-superset.slack.com)
-- [GitHub Discussions](https://github.com/apache/superset/discussions)

docs/developer_portal/contributing/howtos.md

@@ -1,528 +0,0 @@
----
-title: Development How-tos
-sidebar_position: 7
----
-
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements.  See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership.  The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied.  See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-
-# Development How-tos
-
-This guide contains specific instructions for common development tasks in Superset.
-
-## Contributing to Documentation
-
-The documentation site is built using [Docusaurus](https://docusaurus.io/). All documentation lives in the `docs` folder, written in Markdown format.
-
-### Local Development
-
-To set up your local environment for documentation development:
-
-```bash
-cd docs
-npm install
-npm run start
-```
-
-The site will be available at http://localhost:3000
-
-### Build
-
-To create a production build:
-
-```bash
-npm run build
-npm run serve  # Test the build locally
-```
-
-### Deployment
-
-Documentation is automatically deployed when changes are merged to master.
-
-## Creating Visualization Plugins
-
-Visualization plugins allow you to add custom chart types to Superset. They are built as npm packages that integrate with the Superset frontend.
-
-### Prerequisites
-
-- Node.js 18+
-- npm or yarn
-- A local Superset development environment
-
-### Creating a simple Hello World viz plugin
-
-1. **Install the Superset Yeoman generator**:
-```bash
-npm install -g @superset-ui/generator-superset
-```
-
-2. **Create a new plugin**:
-```bash
-mkdir superset-plugin-chart-hello-world
-cd superset-plugin-chart-hello-world
-yo @superset-ui/superset
-```
-
-3. **Follow the prompts**:
-- Package name: `superset-plugin-chart-hello-world`
-- Chart type: Choose your preferred type
-- Include storybook: Yes (recommended for development)
-
-4. **Develop your plugin**:
-The generator creates a complete plugin structure with TypeScript, React components, and build configuration.
-
-5. **Test your plugin locally**:
-```bash
-npm run dev
-```
-
-6. **Link to your local Superset**:
-```bash
-npm link
-# In your Superset frontend directory:
-npm link superset-plugin-chart-hello-world
-```
-
-7. **Import and register in Superset**:
-Edit `superset-frontend/src/visualizations/presets/MainPreset.js` to include your plugin.
-
-## Testing
-
-### Python Testing
-
-Run Python tests using pytest:
-
-```bash
-# Run all tests
-pytest
-
-# Run specific test file
-pytest tests/unit_tests/test_specific.py
-
-# Run with coverage
-pytest --cov=superset
-
-# Run only unit tests
-pytest tests/unit_tests
-
-# Run only integration tests  
-pytest tests/integration_tests
-```
-
-#### Testing with local Presto connections
-
-To test against Presto:
-
-```bash
-# Start Presto locally using Docker
-docker run -p 8080:8080 \
-  --name presto \
-  -d prestodb/presto
-
-# Configure in superset_config.py
-SQLALCHEMY_DATABASE_URI = 'presto://localhost:8080/hive/default'
-```
-
-### Frontend Testing
-
-Run frontend tests using Jest:
-
-```bash
-cd superset-frontend
-
-# Run all tests
-npm run test
-
-# Run with coverage
-npm run test -- --coverage
-
-# Run in watch mode
-npm run test -- --watch
-
-# Run specific test file
-npm run test -- MyComponent.test.tsx
-```
-
-### E2E Integration Testing
-
-We support both Playwright (recommended) and Cypress for end-to-end testing.
-
-#### Playwright (Recommended - NEW)
-
-Playwright is our new E2E testing framework, gradually replacing Cypress.
-
-```bash
-# Navigate to frontend directory
-cd superset-frontend
-
-# Run all Playwright tests
-npm run playwright:test
-# or: npx playwright test
-
-# Run with interactive UI for debugging
-npm run playwright:ui
-# or: npx playwright test --ui
-
-# Run in headed mode (see browser)
-npm run playwright:headed
-# or: npx playwright test --headed
-
-# Run specific test file
-npx playwright test tests/auth/login.spec.ts
-
-# Run with debug mode (step through tests)
-npm run playwright:debug tests/auth/login.spec.ts
-# or: npx playwright test --debug tests/auth/login.spec.ts
-
-# Generate test report
-npm run playwright:report
-```
-
-#### Cypress (DEPRECATED - will be removed)
-
-Cypress is being phased out in favor of Playwright but is still available:
-
-```bash
-# Set base URL for Cypress
-export CYPRESS_BASE_URL='http://localhost:8088'
-export CYPRESS_DATABASE=test
-export CYPRESS_USERNAME=admin
-export CYPRESS_PASSWORD=admin
-
-# Navigate to Cypress directory
-cd superset-frontend/cypress-base
-
-# Run interactively
-npm run cypress-debug
-
-# Run headless (like CI)
-npm run cypress-run-chrome
-
-# Run specific file
-npm run cypress-run-chrome -- --spec "cypress/e2e/dashboard/dashboard.test.ts"
-```
-
-### Debugging Server App
-
-For debugging the Flask backend:
-
-#### Using PyCharm/IntelliJ
-
-1. Create a new Python configuration
-2. Set script path to `superset/app.py`
-3. Set environment variables:
-   - `FLASK_ENV=development`
-   - `SUPERSET_CONFIG_PATH=/path/to/superset_config.py`
-4. Set breakpoints and run in debug mode
-
-#### Using VS Code
-
-1. Add to `.vscode/launch.json`:
-```json
-{
-  "version": "0.2.0",
-  "configurations": [
-    {
-      "name": "Python: Flask",
-      "type": "python",
-      "request": "launch",
-      "module": "flask",
-      "env": {
-        "FLASK_APP": "superset/app.py",
-        "FLASK_ENV": "development"
-      },
-      "args": ["run", "--no-debugger", "--no-reload"],
-      "jinja": true
-    }
-  ]
-}
-```
-
-2. Set breakpoints and press F5 to debug
-
-### Storybook
-
-Storybook is used for developing and testing UI components in isolation:
-
-```bash
-cd superset-frontend
-
-# Start Storybook
-npm run storybook
-
-# Build static Storybook
-npm run build-storybook
-```
-
-Access Storybook at http://localhost:6006
-
-## Contributing Translations
-
-Superset uses Flask-Babel for internationalization.
-
-### Enabling language selection
-
-Edit `superset_config.py`:
-
-```python
-LANGUAGES = {
-    'en': {'flag': 'us', 'name': 'English'},
-    'fr': {'flag': 'fr', 'name': 'French'},
-    'zh': {'flag': 'cn', 'name': 'Chinese'},
-}
-```
-
-### Creating a new language dictionary
-
-```bash
-# Initialize a new language
-pybabel init -i superset/translations/messages.pot -d superset/translations -l de
-```
-
-### Extracting new strings for translation
-
-```bash
-# Extract Python strings
-pybabel extract -F babel.cfg -o superset/translations/messages.pot -k lazy_gettext superset
-
-# Extract JavaScript strings
-npm run build-translation
-```
-
-### Updating language files
-
-```bash
-# Update all language files with new strings
-pybabel update -i superset/translations/messages.pot -d superset/translations
-```
-
-### Applying translations
-
-```bash
-# Frontend
-cd superset-frontend
-npm run build-translation
-
-# Backend
-pybabel compile -d superset/translations
-```
-
-## Linting
-
-### Python
-
-We use Ruff for Python linting and formatting:
-
-```bash
-# Auto-format using ruff
-ruff format .
-
-# Lint check with ruff
-ruff check .
-
-# Lint fix with ruff
-ruff check --fix .
-```
-
-Pre-commit hooks run automatically on `git commit` if installed.
-
-### TypeScript
-
-We use ESLint and Prettier for TypeScript:
-
-```bash
-cd superset-frontend
-
-# Run eslint checks
-npm run lint
-
-# Run tsc (typescript) checks
-npm run type
-
-# Fix lint issues
-npm run lint-fix
-
-# Format with Prettier
-npm run prettier
-```
-
-## GitHub Ephemeral Environments
-
-For every PR, an ephemeral environment is automatically deployed for testing.
-
-Access pattern: `https://pr-{PR_NUMBER}.superset.apache.org`
-
-Features:
-- Automatically deployed on PR creation/update
-- Includes sample data
-- Destroyed when PR is closed
-- Useful for UI/UX review
-
-## Tips and Tricks
-
-### Using Docker for Development
-
-```bash
-# Rebuild specific service
-docker compose build superset
-
-# View logs
-docker compose logs -f superset
-
-# Execute commands in container
-docker compose exec superset bash
-
-# Reset database
-docker compose down -v
-docker compose up
-```
-
-### Hot Reloading
-
-**Frontend**: Webpack dev server provides hot module replacement automatically.
-
-**Backend**: Use Flask debug mode:
-```bash
-FLASK_ENV=development superset run -p 8088 --with-threads --reload
-```
-
-### Performance Profiling
-
-For Python profiling:
-```python
-# In superset_config.py
-PROFILING = True
-```
-
-For React profiling:
-- Use React DevTools Profiler
-- Enable performance marks in Chrome DevTools
-
-### Database Migrations
-
-```bash
-# Create a new migration
-superset db migrate -m "Description of changes"
-
-# Apply migrations
-superset db upgrade
-
-# Downgrade
-superset db downgrade
-```
-
-### Useful Aliases
-
-Add to your shell profile:
-
-```bash
-alias sdev='FLASK_ENV=development superset run -p 8088 --with-threads --reload'
-alias stest='pytest tests/unit_tests'
-alias slint='pre-commit run --all-files'
-alias sfront='cd superset-frontend && npm run dev-server'
-```
-
-## Common Issues and Solutions
-
-### Node/npm Issues
-
-```bash
-# Clear npm cache
-npm cache clean --force
-
-# Reinstall dependencies
-rm -rf node_modules package-lock.json
-npm install
-```
-
-### Python Environment Issues
-
-```bash
-# Recreate virtual environment
-deactivate
-rm -rf venv
-python3 -m venv venv
-source venv/bin/activate
-pip install -r requirements/development.txt
-pip install -e .
-```
-
-### Database Issues
-
-```bash
-# Reset local database
-superset db downgrade -r base
-superset db upgrade
-superset init
-```
-
-### Port Already in Use
-
-```bash
-# Find process using port
-lsof -i :8088
-# Kill process
-kill -9 [PID]
-```
-
-## Reporting Security Vulnerabilities
-
-Please report security vulnerabilities to **private@superset.apache.org**.
-
-In the event a community member discovers a security flaw in Superset, it is important to follow the [Apache Security Guidelines](https://www.apache.org/security/committers.html) and release a fix as quickly as possible before public disclosure. Reporting security vulnerabilities through the usual GitHub Issues channel is not ideal as it will publicize the flaw before a fix can be applied.
-
-## SQL Lab Async Configuration
-
-It's possible to configure a local database to operate in `async` mode, to work on `async` related features.
-
-To do this, you'll need to:
-
-- Add an additional database entry. We recommend you copy the connection string from the database labeled `main`, and then enable `SQL Lab` and the features you want to use. Don't forget to check the `Async` box
-- Configure a results backend, here's a local `FileSystemCache` example, not recommended for production, but perfect for testing (stores cache in `/tmp`)
-
-  ```python
-  from flask_caching.backends.filesystemcache import FileSystemCache
-  RESULTS_BACKEND = FileSystemCache('/tmp/sqllab')
-  ```
-
-- Start up a celery worker
-
-  ```bash
-  celery --app=superset.tasks.celery_app:app worker -O fair
-  ```
-
-Note that:
-- for changes that affect the worker logic, you'll have to restart the `celery worker` process for the changes to be reflected.
-- The message queue used is a `sqlite` database using the `SQLAlchemy` experimental broker. Ok for testing, but not recommended in production
-- In some cases, you may want to create a context that is more aligned to your production environment, and use the similar broker as well as results backend configuration
-
-## Async Chart Queries
-
-It's possible to configure database queries for charts to operate in `async` mode. This is especially useful for dashboards with many charts that may otherwise be affected by browser connection limits. To enable async queries for dashboards and Explore, the following dependencies are required:
-
-- Redis 5.0+ (the feature utilizes [Redis Streams](https://redis.io/topics/streams-intro))
-- Cache backends enabled via the `CACHE_CONFIG` and `DATA_CACHE_CONFIG` config settings
-- Celery workers configured and running to process async tasks
-
-## Need Help?
-
-- Check the [FAQ](https://superset.apache.org/docs/frequently-asked-questions)
-- Ask in [Slack](https://apache-superset.slack.com)
-- Search [GitHub Issues](https://github.com/apache/superset/issues)
-- Post in [GitHub Discussions](https://github.com/apache/superset/discussions)