fix(plugin-chart-ag-grid-table): keep basic conditional formatting aligned after sort (#105973 )

The basic (increase/decrease) color formatters were built in the original query order and read positionally by the displayed AG Grid rowIndex. Once the table was sorted client-side, the displayed index no longer matched the data order, so the green/red background and arrow indicators were applied to the wrong rows. Attach each row's formatter to its row data object (non-enumerable, so it never leaks into exports/cross-filters) so it travels with the row through sorting, and resolve it via getRowBasicColorFormatter in both getCellStyle and NumericCellRenderer, falling back to the positional lookup. Add unit tests.
2026-06-29 19:35:33 +00:00 · 2026-06-24 17:34:48 +05:30
519 changed files with 35232 additions and 29312 deletions
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -38,7 +38,7 @@

 # Notify translation maintainers of changes to translations

-/superset/translations/ @sfirke @rusackas @villebro @sadpandajoe @hainenber
+/superset/translations/ @sfirke @rusackas

 # Notify PMC members of changes to extension-related files

--- a/.github/actions/setup-backend/action.yml
+++ b/.github/actions/setup-backend/action.yml
@@ -42,7 +42,7 @@ runs:
        fi
        echo "python-version=$RESOLVED_VERSION" >> "$GITHUB_OUTPUT"
    - name: Set up Python ${{ steps.set-python-version.outputs.python-version }}
-      uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+      uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
      with:
        python-version: ${{ steps.set-python-version.outputs.python-version }}
        cache: ${{ inputs.cache }}
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -32,13 +32,6 @@ updates:
      # and confirm the issue https://github.com/apache/superset/issues/39600 is fixed
      - dependency-name: "react-checkbox-tree"
        update-types: ["version-update:semver-major"]
-      # Babel 8 (7.x -> 8.x) is blocked on the surrounding ecosystem: @emotion/babel-plugin
-      # (NodePath#hoist), babel-plugin-jsx-remove-data-test-id (t.jSXOpeningElement), and
-      # ts-jest all rely on Babel APIs removed in v8 and have not shipped Babel 8 support.
-      # Ignore the coordinated major bump until the ecosystem catches up; it must be done
-      # as a single manual upgrade anyway. TODO: remove when Babel 8 support is viable.
-      - dependency-name: "@babel/*"
-        update-types: ["version-update:semver-major"]
    directory: "/superset-frontend/"
    schedule:
      interval: "daily"
--- a/.github/workflows/bump-python-package.yml
+++ b/.github/workflows/bump-python-package.yml
@@ -40,7 +40,7 @@ jobs:
        uses: ./.github/actions/setup-supersetbot/

      - name: Set up Python ${{ inputs.python-version }}
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
        with:
          python-version: "3.10"

--- a/.github/workflows/github-action-validator.yml
+++ b/.github/workflows/github-action-validator.yml
@@ -43,4 +43,4 @@ jobs:
        run: bash .github/workflows/github-action-validator.sh

      - name: Check for security issues on GHA workflows
-        uses: zizmorcore/zizmor-action@192e21d79ab29983730a13d1382995c2307fbcaa # v0.5.7
+        uses: zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d # v0.5.6
--- a/.github/workflows/pre-commit.yml
+++ b/.github/workflows/pre-commit.yml
@@ -63,7 +63,7 @@ jobs:
          yarn install --immutable

      - name: Cache pre-commit environments
-        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
        with:
          path: ~/.cache/pre-commit
          key: pre-commit-v2-${{ runner.os }}-py${{ matrix.python-version }}-${{ hashFiles('.pre-commit-config.yaml') }}
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -56,7 +56,7 @@ jobs:

      - name: Cache npm
        if: env.HAS_TAGS
-        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
        with:
          path: ~/.npm # npm cache files are stored in `~/.npm` on Linux/macOS
          key: ${{ runner.OS }}-node-${{ hashFiles('**/package-lock.json') }}
@@ -70,7 +70,7 @@ jobs:
        run: echo "dir=$(npm config get cache)" >> $GITHUB_OUTPUT
      - name: Cache npm
        if: env.HAS_TAGS
-        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
        id: npm-cache # use this to check for `cache-hit` (`steps.npm-cache.outputs.cache-hit != 'true'`)
        with:
          path: ${{ steps.npm-cache-dir-path.outputs.dir }}
--- a/.github/workflows/scheduled-docker-image-refresh.yml
+++ b/.github/workflows/scheduled-docker-image-refresh.yml
@@ -1,177 +0,0 @@
-name: Scheduled Docker image refresh
-
-# Re-runs the Docker image build against the latest published release on a
-# weekly cadence. The code being built doesn't change — but the base image
-# layers (python:*-slim-trixie and its OS packages) DO get upstream
-# security patches between Superset releases, and those patches don't
-# reach our published images unless we rebuild.
-#
-# Without this workflow, `apache/superset:<latest>` lags behind upstream
-# Debian/Python base patches by whatever interval falls between Superset
-# releases (typically 3–6 weeks). With it, the lag drops to at most one
-# week regardless of release cadence.
-#
-# This is a security-hygiene cron, not a release. It overwrites the
-# existing tags for the most recent release (e.g. `apache/superset:5.0.0`
-# and `apache/superset:latest`) with bit-for-bit-equivalent contents
-# layered on a refreshed base. Image digests change; everything users
-# actually pin against (image content, code, deps) does not.
-
-on:
-  schedule:
-    # Mondays at 06:00 UTC — gives the weekend for upstream patches to
-    # settle and surfaces failures at the start of the work week so a
-    # human can react.
-    - cron: "0 6 * * 1"
-
-  # Manual trigger so operators can force a refresh on demand (e.g.
-  # immediately after a high-severity base-image CVE drops).
-  workflow_dispatch: {}
-
-permissions:
-  contents: read
-
-# Serialize with itself and with the release publisher (tag-release.yml) —
-# both push to the same Docker Hub tags, so a race could end with stale
-# layers winning. Both workflows must declare this group for the lock to work.
-concurrency:
-  group: docker-publish-latest-release
-  cancel-in-progress: false
-
-jobs:
-  config:
-    runs-on: ubuntu-24.04
-    outputs:
-      has-secrets: ${{ steps.check.outputs.has-secrets }}
-      latest-release: ${{ steps.latest.outputs.tag }}
-      force-latest: ${{ steps.latest.outputs.force-latest }}
-    steps:
-      - name: Check for Docker Hub secrets
-        id: check
-        shell: bash
-        run: |
-          if [ -n "${DOCKERHUB_USER}" ]; then
-            echo "has-secrets=1" >> "$GITHUB_OUTPUT"
-          fi
-        env:
-          DOCKERHUB_USER: ${{ (secrets.DOCKERHUB_USER != '' && secrets.DOCKERHUB_TOKEN != '') || '' }}
-
-      - name: Look up latest published release
-        id: latest
-        shell: bash
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          REPOSITORY: ${{ github.repository }}
-        run: |
-          # `releases/latest` returns the latest non-prerelease, non-draft
-          # release — which is exactly what `apache/superset:latest`
-          # should reflect.
-          TAG=$(gh api "repos/${REPOSITORY}/releases/latest" --jq .tag_name)
-          if [ -z "$TAG" ] || [ "$TAG" = "null" ]; then
-            echo "::error::Could not determine latest release tag"
-            exit 1
-          fi
-          echo "Latest release: $TAG"
-          echo "tag=$TAG" >> "$GITHUB_OUTPUT"
-
-          # Only move `:latest` when the release flagged "latest" is also the
-          # highest semver release. This guards against a mis-click leaving an
-          # older maintenance release (e.g. a 5.x patch shipped after 6.0 GA)
-          # marked latest, which would otherwise roll `:latest` back a major
-          # version on the next cron run. If it isn't the newest, we still
-          # refresh that release's own version tag but leave `:latest` alone.
-          HIGHEST=$(gh api --paginate "repos/${REPOSITORY}/releases" \
-            --jq '.[] | select(.draft|not) | select(.prerelease|not) | .tag_name' \
-            | sed 's/^v//' | sort -V | tail -n1)
-          if [ "${TAG#v}" = "$HIGHEST" ]; then
-            echo "force-latest=1" >> "$GITHUB_OUTPUT"
-          else
-            echo "::warning::Latest-flagged release $TAG is not the highest semver ($HIGHEST); refreshing its version tag but leaving :latest untouched"
-          fi
-
-  docker-rebuild:
-    needs: config
-    if: needs.config.outputs.has-secrets == '1'
-    name: docker-rebuild
-    runs-on: ubuntu-24.04
-    strategy:
-      # Mirror the same matrix the release publisher uses so every variant
-      # operators consume from Docker Hub gets the refreshed base.
-      matrix:
-        build_preset: ["dev", "lean", "py310", "websocket", "dockerize", "py311", "py312"]
-      fail-fast: false
-    steps:
-      - name: "Checkout release tag: ${{ needs.config.outputs.latest-release }}"
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-        with:
-          ref: ${{ needs.config.outputs.latest-release }}
-          fetch-depth: 0
-          persist-credentials: false
-
-      - name: Setup Docker Environment
-        uses: ./.github/actions/setup-docker
-        with:
-          dockerhub-user: ${{ secrets.DOCKERHUB_USER }}
-          dockerhub-token: ${{ secrets.DOCKERHUB_TOKEN }}
-          install-docker-compose: "false"
-          build: "true"
-
-      - name: Use Node.js 20
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
-        with:
-          node-version: 20
-
-      - name: Setup supersetbot
-        uses: ./.github/actions/setup-supersetbot/
-
-      - name: Rebuild and push
-        env:
-          DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }}
-          DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          BUILD_PRESET: ${{ matrix.build_preset }}
-          LATEST_RELEASE: ${{ needs.config.outputs.latest-release }}
-          FORCE_LATEST_FLAG: ${{ needs.config.outputs.force-latest == '1' && '--force-latest' || '' }}
-        run: |
-          # Reuses the same supersetbot invocation as the release
-          # publisher (`tag-release.yml`), so the resulting tags are
-          # identical to what a manual release dispatch would produce —
-          # just with a freshly-pulled base image layer underneath.
-          # `--force-latest` is only passed when the config job confirmed the
-          # fetched release is the newest one (see FORCE_LATEST_FLAG above).
-          supersetbot docker \
-            --push \
-            --preset "$BUILD_PRESET" \
-            --context release \
-            --context-ref "$LATEST_RELEASE" \
-            $FORCE_LATEST_FLAG \
-            --platform "linux/arm64" \
-            --platform "linux/amd64"
-
-  # The whole point of this cron is catching base-image CVEs, so a silent
-  # failure is the expensive case — a red X in the Actions tab nobody is
-  # watching on a Monday. File a tracked issue when any rebuild leg fails so
-  # a missed security refresh surfaces instead of sitting unnoticed.
-  notify-on-failure:
-    needs: [config, docker-rebuild]
-    if: failure() && needs.config.outputs.has-secrets == '1'
-    runs-on: ubuntu-24.04
-    permissions:
-      contents: read
-      issues: write
-    steps:
-      - name: Open a tracking issue
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          REPOSITORY: ${{ github.repository }}
-          LATEST_RELEASE: ${{ needs.config.outputs.latest-release }}
-          RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
-        run: |
-          gh issue create \
-            --repo "$REPOSITORY" \
-            --title "Scheduled Docker image refresh failed for ${LATEST_RELEASE}" \
-            --label "infra:container" \
-            --label "bug" \
-            --body "The weekly Docker base-image refresh failed for release \`${LATEST_RELEASE}\`. Published images may be missing upstream base-layer security patches until this is resolved.
-
-          Failed run: ${RUN_URL}"
--- a/.github/workflows/showtime-cleanup.yml
+++ b/.github/workflows/showtime-cleanup.yml
@@ -24,14 +24,13 @@ jobs:

    permissions:
      contents: read
-      issues: write        # delete orphaned showtime label definitions (label CRUD is the issues API)
      pull-requests: write

    steps:
      - name: Install Superset Showtime
        run: pip install superset-showtime

-      - name: Cleanup expired environments and orphaned labels
+      - name: Cleanup expired environments
        run: |
-          echo "Cleaning up environments respecting TTL labels, and pruning orphaned 🎪 labels"
-          python -m showtime cleanup --respect-ttl --force
+          echo "Cleaning up environments respecting TTL labels"
+          python -m showtime cleanup --respect-ttl
--- a/.github/workflows/superset-websocket.yml
+++ b/.github/workflows/superset-websocket.yml
@@ -28,10 +28,6 @@ jobs:
        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
        with:
          persist-credentials: false
-      - name: Setup Node.js
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
-        with:
-          node-version-file: './superset-websocket/.nvmrc'
      - name: Install dependencies
        working-directory: ./superset-websocket
        run: npm ci
--- a/.github/workflows/tag-release.yml
+++ b/.github/workflows/tag-release.yml
@@ -24,12 +24,6 @@ on:
 permissions:
  contents: read

-# Serialize with the scheduled Docker image refresh — both workflows push
-# to the same Docker Hub tags and must not race on apache/superset:latest.
-concurrency:
-  group: docker-publish-latest-release
-  cancel-in-progress: false
-
 jobs:
  config:
    runs-on: ubuntu-24.04
--- a/UPDATING.md
+++ b/UPDATING.md
@@ -24,22 +24,6 @@ assists people when migrating to a new version.

 ## Next

-### Guest-token RLS rules reject unknown fields
-
-The `rls` rules passed to `POST /api/v1/security/guest_token/` are now validated strictly: a rule may only contain `dataset` and `clause`. Previously unknown fields were silently dropped, so a mistyped or legacy scope key (most commonly `datasource` instead of `dataset`) produced a rule with no `dataset`, which is treated as a *global* rule applied to every dataset the embedded resource can reach. Such a request now returns HTTP 400 identifying the offending field instead of issuing a token with an unintended global rule. Integrators that were sending extra fields in RLS rules must remove them; valid dataset-scoped (`{"dataset": 41, "clause": "..."}`) and global (`{"clause": "..."}`) rules are unaffected.
-
-### MCP service requires `MCP_JWT_AUDIENCE` when JWT auth is enabled
-
-When the MCP service has JWT auth enabled (`MCP_AUTH_ENABLED = True`), an audience must be configured via `MCP_JWT_AUDIENCE` so issued tokens are bound to this service. The service now fails to start with a clear configuration error when the audience is unset, instead of starting with audience validation skipped. Deployments that enable MCP JWT auth must set `MCP_JWT_AUDIENCE` to the audience value their identity provider issues for the MCP service. API-key-only MCP deployments (JWT auth disabled) are unaffected.
-
-### Swagger UI is opt-in (off by default)
-
-`FAB_API_SWAGGER_UI` now defaults to `False` and is driven by the `SUPERSET_ENABLE_SWAGGER_UI` environment variable. The interactive Swagger UI / OpenAPI documentation endpoints (e.g. `/swagger/v1`) are therefore no longer exposed by default. To enable them, set `SUPERSET_ENABLE_SWAGGER_UI=true` (the bundled Docker development environment sets this) or override `FAB_API_SWAGGER_UI = True` in `superset_config.py`.
-
-### Build details (git SHA / build number) are admin-only by default
-
-The git SHA and build number surfaced in the "About" section, the bootstrap payload, and the public `/version` endpoint are now only included for admin users by default; the release version string is still shown to everyone. To expose the build details to all users (the previous behavior), set the `SUPERSET_EXPOSE_BUILD_DETAILS` environment variable (or `EXPOSE_BUILD_DETAILS_TO_USERS = True` in `superset_config.py`).
-
 ### Pivot table First/Last aggregations follow data order

 The pivot table chart's `First` and `Last` aggregations now return the first and last value in data (query result) order, instead of effectively returning the minimum and maximum. Existing pivot tables that use these aggregations for totals/subtotals may show different values after upgrading. For deterministic results, ensure the underlying query has a stable sort order.
@@ -54,20 +38,6 @@ The `thumbnail_url` field has been removed from `GET /api/v1/dashboard/` list re

 The thumbnail endpoint redirects to the current digest URL regardless of whether the supplied digest is exact. If the image is not yet cached, that digest URL may return `202` and trigger async generation. Using `changed_on_utc` as the digest is sufficient for cache-busting purposes.

-### Tagging fix for `create_all`-bootstrapped schemas
-
-Only affects deployments whose metadata schema was created with SQLAlchemy's `create_all` (rather than `superset db upgrade`) on a foreign-key-enforcing backend — PostgreSQL, or MySQL with `FOREIGN_KEY_CHECKS=1`. Such schemas carry three invalid foreign keys on `tagged_object.object_id` that break tagging (`TAGGING_SYSTEM = True`) with a `ForeignKeyViolation`. Schemas built via `superset db upgrade` are unaffected.
-
-This release stops the ORM from emitting these constraints, but it cannot drop ones already present in your schema. If affected, drop them manually (names vary by backend, so look them up first):
-
-```sql
-- PostgreSQL: names are typically tagged_object_object_id_fkey, _fkey1, _fkey2
-ALTER TABLE tagged_object DROP CONSTRAINT <constraint_name>;
-
-- MySQL: find names via `SHOW CREATE TABLE tagged_object;`
-ALTER TABLE tagged_object DROP FOREIGN KEY <constraint_name>;
-```
-
 ### Webhook alerts/reports block private/internal hosts by default

 Webhook alert/report dispatch (`WebhookNotification.send`) now validates the target URL's host against the same private/internal-IP block applied to dataset import URLs. If the resolved host is in a loopback, link-local, private (RFC-1918), shared-CGNAT, or multicast range, the webhook is rejected with `NotificationParamException`.
--- a/docker/.env
+++ b/docker/.env
@@ -70,8 +70,6 @@ SUPERSET_LOG_LEVEL=info

 SUPERSET_APP_ROOT="/"
 SUPERSET_ENV=development
-# Swagger UI is opt-in (off by default); enable it for local development.
-SUPERSET_ENABLE_SWAGGER_UI=true
 SUPERSET_LOAD_EXAMPLES=yes
 CYPRESS_CONFIG=false
 SUPERSET_PORT=8088
--- a/docs/.nvmrc
+++ b/docs/.nvmrc
@@ -1 +0,0 @@
-../superset-frontend/.nvmrc
--- a/docs/.nvmrc
+++ b/docs/.nvmrc
@@ -0,0 +1 @@
+v24.16.0
--- a/docs/admin_docs/configuration/alerts-reports.mdx
+++ b/docs/admin_docs/configuration/alerts-reports.mdx
@@ -81,21 +81,6 @@ SLACK_CACHE_TIMEOUT = int(timedelta(days=2).total_seconds())
 SLACK_API_RATE_LIMIT_RETRY_COUNT = 5
 ```

-#### Slack Enterprise Grid (org-scoped tokens)
-
-On a Slack Enterprise Grid org, an org-scoped token spans multiple workspaces, so
-workspace-scoped methods such as `conversations.list` require a `team_id` to
-indicate which workspace to target. Set `SLACK_TEAM_ID` to your workspace (team)
-ID so Superset can list channels and deliver reports:
-
-```python
-# The workspace (team) ID to target, e.g. "T01234567"
-SLACK_TEAM_ID = "T01234567"
-```
-
-This defaults to `None` and only needs to be set when using an org-scoped token;
-it is accepted but ignored for standard workspace-level tokens.
-
 ### Webhook integration

 Superset can send alert and report notifications to any HTTP endpoint — useful for chat platforms, incident management tools, or custom automation.
@@ -175,7 +160,7 @@ When enabled, Superset rejects webhook configurations that use `http://` URLs.

 #### Retry Behavior

-Superset automatically retries webhook deliveries on `429 Too Many Requests` and `5xx` server errors using exponential backoff. Retries are bounded to roughly 120 seconds of cumulative wall-clock time (worst case ~210 seconds, because the bound is checked against the time elapsed before each attempt, so the final request can begin just under the limit and still run its full request timeout), after which the delivery is abandoned.
+Superset automatically retries webhook deliveries on `429 Too Many Requests` and `5xx` server errors using exponential backoff.

 ### Kubernetes-specific

--- a/docs/admin_docs/installation/docker-compose.mdx
+++ b/docs/admin_docs/installation/docker-compose.mdx
@@ -223,9 +223,8 @@ compose based installation, edit the `x-superset-image:` line in your `docker-co
 `docker-compose-non-dev.yml` files, replacing `apachesuperset.docker.scarf.sh/apache/superset` with
 `apache/superset` to pull the image directly from Docker Hub.

-To disable the Scarf telemetry pixel, set the `SCARF_ANALYTICS` environment variable to `false` in
-your `docker/.env` file. This is read at runtime, so it disables the pixel on the pre-built image
-without rebuilding the frontend.
+To disable the Scarf telemetry pixel, set the `SCARF_ANALYTICS` environment variable to `False` in
+your terminal and/or in your `docker/.env` file.
 :::

 ## 3. Log in to Superset
--- a/docs/admin_docs/installation/kubernetes.mdx
+++ b/docs/admin_docs/installation/kubernetes.mdx
@@ -136,17 +136,7 @@ init:
 :::note
 Superset uses [Scarf Gateway](https://about.scarf.sh/scarf-gateway) to collect telemetry data.  Knowing the installation counts for different Superset versions informs the  project's decisions about patching and long-term support. Scarf purges personally identifiable information (PII) and provides only aggregated statistics.

-There are two independent telemetry channels:
-
- **Image pulls** (Scarf Gateway): to opt out, edit the `repository:` line in your `helm/superset/values.yaml` file, replacing `apachesuperset.docker.scarf.sh/apache/superset` with `apache/superset` to pull the image directly from Docker Hub.
- **The analytics pixel** rendered in the UI: to opt out, set the `SCARF_ANALYTICS` environment variable to `false` on the Superset containers via `extraEnv` in your `values.yaml`:
-
-  ```yaml
-  extraEnv:
-    SCARF_ANALYTICS: "false"
-  ```
-
-  This is read at runtime, so it takes effect on the pre-built images without rebuilding the frontend.
+To opt-out of this data collection in your Helm-based installation, edit the `repository:` line in your `helm/superset/values.yaml` file, replacing `apachesuperset.docker.scarf.sh/apache/superset` with `apache/superset` to pull the image directly from Docker Hub.
 :::

 ### Dependencies
--- a/docs/admin_docs/security/securing_superset.mdx
+++ b/docs/admin_docs/security/securing_superset.mdx
@@ -161,7 +161,6 @@ Here's the documentation section how how to set up Talisman: https://superset.ap

  - [ ] Regularly update to the latest major or minor versions of Superset. Those versions receive up-to-date security patches.
  - [ ] Rotate the `SUPERSET_SECRET_KEY` periodically (e.g., quarterly) and after any potential security incident.
-  - [ ] Rotate the other security-critical secrets (guest-token and async-query JWT secrets, SMTP and database credentials) on the cadence in Appendix C, and after any potential security incident.
  - [ ] Conduct quarterly access reviews for all users.
  - [ ] Assuming logging and monitoring is in place, review security monitoring alerts weekly.

@@ -174,24 +173,6 @@ Rotating the `SUPERSET_SECRET_KEY` is a critical security procedure. It is manda
 The procedure for safely rotating the SECRET_KEY must be followed precisely to avoid locking yourself out of your instance. The official Apache Superset documentation maintains the correct, up-to-date procedure. Please follow the official guide here:
 https://superset.apache.org/admin-docs/configuration/configuring-superset/#rotating-to-a-newer-secret_key

-### **Appendix C: Secrets Register and Rotation Schedule**
-
-`SUPERSET_SECRET_KEY` is not the only security-critical secret in a Superset deployment. Maintain an inventory of all such secrets, store each in a secrets manager (not in `superset_config.py` or version control), assign an owner, and rotate them on a defined cadence as well as after any suspected compromise.
-
-| Secret | Purpose | Risk if leaked | Suggested rotation |
-|---|---|---|---|
-| `SUPERSET_SECRET_KEY` | Signs session cookies; key material for encrypting stored DB credentials (Fernet/AES) | Forged sessions (auth bypass / privilege escalation); decryption of exfiltrated metadata-DB secrets | Quarterly + post-incident |
-| `GUEST_TOKEN_JWT_SECRET` | Signs embedded-dashboard guest tokens | Forged guest tokens → unauthorized dashboard/data access | Quarterly + post-incident |
-| `GLOBAL_ASYNC_QUERIES_JWT_SECRET` | Signs the async-query channel JWT | Forged async-query tokens | Quarterly + post-incident |
-| SMTP password | Outbound email for alerts & reports | Email relay abuse / spoofing | Per organizational policy + post-incident |
-| Database connection passwords | Access to analytical databases and the metadata DB | Direct database access | Per organizational policy + post-incident |
-
-Notes:
-
- Rotating `GUEST_TOKEN_JWT_SECRET` or `GLOBAL_ASYNC_QUERIES_JWT_SECRET` invalidates outstanding tokens of that type; schedule rotations accordingly.
- After a suspected compromise, rotate **all** of the above, not only `SUPERSET_SECRET_KEY`.
- Keep the register under change control so new secrets introduced by future features are added to the rotation schedule.
-
 :::resources
 - [Blog: Running Apache Superset on the Open Internet](https://preset.io/blog/running-apache-superset-on-the-open-internet-a-report-from-the-fireline/)
 - [Blog: How Security Vulnerabilities are Reported & Handled in Apache Superset](https://preset.io/blog/how-security-vulnerabilities-are-reported-and-handled-in-apache-superset/)
--- a/docs/developer_docs/extensions/contribution-types.md
+++ b/docs/developer_docs/extensions/contribution-types.md
@@ -34,14 +34,15 @@ Frontend contribution types allow extensions to extend Superset's user interface

 Extensions can add new views or panels to the host application, such as custom SQL Lab panels, dashboards, or other UI components. Contribution areas are uniquely identified (e.g., `sqllab.panels` for SQL Lab panels), enabling seamless integration into specific parts of the application.

-```typescript
+```tsx
+import React from 'react';
 import { views } from '@apache-superset/core';
 import MyPanel from './MyPanel';

 views.registerView(
  { id: 'my-extension.main', name: 'My Panel Name' },
  'sqllab.panels',
-  MyPanel,
+  () => <MyPanel />,
 );
 ```

@@ -111,24 +112,6 @@ editors.registerEditor(

 See [Editors Extension Point](./extension-points/editors.md) for implementation details.

-### Chat
-
-Extensions can add a chat interface to Superset by registering a trigger component and a panel component. The host owns the layout, open/close state, and display mode — the extension only provides the UI. The panel can be displayed as a floating overlay or docked as a resizable sidebar beside the page content, and the user's preference is persisted across reloads.
-
-```tsx
-import { chat } from '@apache-superset/core';
-import ChatTrigger from './ChatTrigger';
-import ChatPanel from './ChatPanel';
-
-chat.registerChat(
-  { id: 'my-org.my-chat', name: 'My Chat' },
-  ChatTrigger,
-  ChatPanel,
-);
-```
-
-See [Chat](./extension-points/chat.md) for implementation details.
-
 ## Backend

 Backend contribution types allow extensions to extend Superset's server-side capabilities. Backend contributions are registered at startup via classes and functions imported from the auto-discovered `entrypoint.py` file.
--- a/docs/developer_docs/extensions/extension-points/chat.md
+++ b/docs/developer_docs/extensions/extension-points/chat.md
@@ -1,141 +0,0 @@
---
-title: Chat
-sidebar_position: 3
---
-
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements.  See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership.  The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied.  See the License for the
-specific language governing permissions and limitations
-under the License.
-->
-
-# Chat Contributions
-
-Extensions can add a chat interface to Superset by registering a trigger and a panel. The host owns the layout, open/close state, and display mode — the extension only needs to provide the UI components.
-
-## Overview
-
-A chat registration consists of two React components:
-
-| Component | Role |
-|-----------|------|
-| **Trigger** | Always-visible entry point (e.g., a floating button). Rendered in the bottom-right corner in floating mode, or as a fixed overlay in panel mode. |
-| **Panel** | The chat UI itself (message list, input, etc.). Mounted by the host in the active display mode. |
-
-## Display Modes
-
-The host supports two display modes, switchable by the user or the extension at runtime:
-
-| Mode | Behavior |
-|------|----------|
-| `floating` | Panel floats above page content, anchored to the bottom-right corner. |
-| `panel` | Panel is docked to the right side of the application as a resizable sidebar, sitting beside the page content. |
-
-The user's last selected mode and open/closed state are persisted across page reloads.
-
-## Registering a Chat
-
-Call `chat.registerChat` from your extension's entry point with a descriptor, a trigger factory, and a panel factory:
-
-```tsx
-import { chat } from '@apache-superset/core';
-import ChatTrigger from './ChatTrigger';
-import ChatPanel from './ChatPanel';
-
-chat.registerChat(
-  { id: 'my-org.my-chat', name: 'My Chat' },
-  ChatTrigger,
-  ChatPanel,
-);
-```
-
-Only one chat registration is active at a time. If a second extension calls `registerChat`, it replaces the first and a warning is logged.
-
-## Opening and Closing the Chat
-
-The trigger component is responsible for toggling the panel. Use `chat.isOpen()`, `chat.open()`, and `chat.close()` to control visibility:
-
-```tsx
-import { chat } from '@apache-superset/core';
-
-export default function ChatTrigger() {
-  return (
-    <button onClick={() => (chat.isOpen() ? chat.close() : chat.open())}>
-      💬
-    </button>
-  );
-}
-```
-
-You can also subscribe to open/close events from any component:
-
-```tsx
-useEffect(() => {
-  const { dispose } = chat.onDidOpen(() => console.log('chat opened'));
-  return dispose;
-}, []);
-```
-
-## Changing the Display Mode
-
-Call `chat.setDisplayMode` to switch between `'floating'` and `'panel'` modes. In your panel component, subscribe to `onDidChangeDisplayMode` to react to changes (including those triggered by the user):
-
-```tsx
-import { useState, useEffect } from 'react';
-import { chat } from '@apache-superset/core';
-
-export default function ChatPanel() {
-  const [mode, setMode] = useState(chat.getDisplayMode());
-
-  useEffect(() => {
-    const { dispose } = chat.onDidChangeDisplayMode(m => setMode(m));
-    return dispose;
-  }, []);
-
-  return (
-    <div style={{ height: mode === 'panel' ? '100%' : '80vh' }}>
-      <button onClick={() => chat.setDisplayMode(mode === 'panel' ? 'floating' : 'panel')}>
-        {mode === 'panel' ? 'Float' : 'Dock'}
-      </button>
-      {/* message list and input */}
-    </div>
-  );
-}
-```
-
-## Chat API Reference
-
-All methods are available on the `chat` namespace from `@apache-superset/core`:
-
-| Method / Event | Description |
-|----------------|-------------|
-| `registerChat(descriptor, trigger, panel)` | Register a chat extension. Returns a `Disposable` to unregister. |
-| `open()` | Open the chat panel. No-op if already open or no registration. |
-| `close()` | Close the chat panel. |
-| `isOpen()` | Returns `true` if the panel is currently open. |
-| `getDisplayMode()` | Returns the current display mode (`'floating'` or `'panel'`). |
-| `setDisplayMode(mode)` | Switch between `'floating'` and `'panel'` mode. |
-| `onDidOpen(listener)` | Subscribe to panel open events. Returns a `Disposable`. |
-| `onDidClose(listener)` | Subscribe to panel close events. Returns a `Disposable`. |
-| `onDidChangeDisplayMode(listener)` | Subscribe to display mode changes. Returns a `Disposable`. |
-| `onDidRegisterChat(listener)` | Subscribe to registration events. |
-| `onDidUnregisterChat(listener)` | Subscribe to unregistration events. |
-| `onDidResizePanel(listener)` | Subscribe to panel resize events (panel mode only). Not all hosts provide a resizer — do not rely on this firing. Returns a `Disposable`. |
-
-## Next Steps
-
- **[Contribution Types](../contribution-types.md)** — Explore other contribution types
- **[Development](../development.md)** — Set up your development environment
--- a/docs/developer_docs/sidebars.js
+++ b/docs/developer_docs/sidebars.js
@@ -47,8 +47,6 @@ module.exports = {
          collapsed: true,
          items: [
            'extensions/extension-points/sqllab',
-            'extensions/extension-points/editors',
-            'extensions/extension-points/chat',
          ],
        },
        'extensions/development',
--- a/docs/docs/faq.mdx
+++ b/docs/docs/faq.mdx
@@ -321,8 +321,8 @@ This can be used, for example, to convert UTC time to local time.
 Superset uses [Scarf](https://about.scarf.sh/) by default to collect basic telemetry data upon installing and/or running Superset. This data helps the maintainers of Superset better understand which versions of Superset are being used, in order to prioritize patch/minor releases and security fixes.
 We use the [Scarf Gateway](https://docs.scarf.sh/gateway/) to sit in front of container registries, the [scarf-js](https://about.scarf.sh/package-sdks) package to track `npm` installations, and a Scarf pixel to gather anonymous analytics on Superset page views.
 Scarf purges PII and provides aggregated statistics. Superset users can easily opt out of analytics in various ways documented [here](https://docs.scarf.sh/gateway/#do-not-track) and [here](https://docs.scarf.sh/package-analytics/#as-a-user-of-a-package-using-scarf-js-how-can-i-opt-out-of-analytics).
-You can also opt out of the analytics pixel by setting the `SCARF_ANALYTICS` environment variable to `false`. This is read at runtime, so setting it on the Superset container (for example via `extraEnv` in the Helm chart, or `docker/.env` for Docker Compose) disables the pixel on the pre-built images without rebuilding the frontend. Note that this only disables the page-view pixel; the Scarf Gateway (container registry) and `scarf-js` (`npm`) channels are opted out separately, as described above.
-Additional opt-out instructions are available on the [Docker Compose](/admin-docs/installation/docker-compose) and [Kubernetes](/admin-docs/installation/kubernetes) installation pages.
+Superset maintainers can also opt out of telemetry data collection by setting the `SCARF_ANALYTICS` environment variable to `false` in the Superset container (or anywhere Superset/webpack are run).
+Additional opt-out instructions for Docker users are available on the [Docker Installation](/admin-docs/installation/docker-compose) page.

 ## Does Superset have an archive panel or trash bin from which a user can recover deleted assets?

--- a/docs/package.json
+++ b/docs/package.json
@@ -71,8 +71,8 @@
    "@storybook/theming": "^8.6.15",
    "@superset-ui/core": "^0.20.4",
    "@swc/core": "^1.15.41",
-    "antd": "^6.4.5",
-    "baseline-browser-mapping": "^2.10.38",
+    "antd": "^6.4.4",
+    "baseline-browser-mapping": "^2.10.37",
    "caniuse-lite": "^1.0.30001799",
    "docusaurus-plugin-openapi-docs": "^5.0.2",
    "docusaurus-theme-openapi-docs": "^5.0.2",
@@ -134,8 +134,7 @@
    "yaml": "1.10.3",
    "uuid": "11.1.1",
    "serialize-javascript": "7.0.5",
-    "d3-color": "3.1.0",
-    "ws": "^8.21.0"
+    "d3-color": "3.1.0"
  },
  "packageManager": "yarn@1.22.22+sha1.ac34549e6aa8e7ead463a7407e1c7390f61a6610"
 }
--- a/docs/yarn.lock
+++ b/docs/yarn.lock
@@ -3242,7 +3242,7 @@
    "@rc-component/util" "^1.2.1"
    clsx "^2.1.1"

-"@rc-component/form@~1.8.5":
+"@rc-component/form@~1.8.3":
  version "1.8.5"
  resolved "https://registry.yarnpkg.com/@rc-component/form/-/form-1.8.5.tgz#20571cfd401dc38c74c38cdf4722ddc6c23a9806"
  integrity sha512-d24EYtvUOBhxEtSd/EqIu9DaMuqrWF2IRIvAFCTM6NQ/GJIYNr8DvEpUSUlv2uPxEJ0ZPwYQ+wwlGIAaiHvdrw==
@@ -5392,10 +5392,10 @@ ansis@^3.2.0:
  resolved "https://registry.yarnpkg.com/ansis/-/ansis-3.17.0.tgz#fa8d9c2a93fe7d1177e0c17f9eeb562a58a832d7"
  integrity sha512-0qWUglt9JEqLFr3w1I1pbrChn1grhaiAR2ocX1PP/flRmxgtwTzPFFFnfIlD6aMOLQZgSuCRlidD70lvx8yhzg==

-antd@^6.4.5:
-  version "6.4.5"
-  resolved "https://registry.yarnpkg.com/antd/-/antd-6.4.5.tgz#98372c96af3e562aeff126289ead5e7e5c5f4212"
-  integrity sha512-xyAgX/sqF/CRS1G95oM4ql0+3TBG+tE58aRJqdUPVv4yMZcQrnnkA4cU7Uc5Rny2yK2TrusDVargHzzXUrlJ1g==
+antd@^6.4.4:
+  version "6.4.4"
+  resolved "https://registry.yarnpkg.com/antd/-/antd-6.4.4.tgz#a422610959b37ac4d4b766dbaac67ea2d8fd0785"
+  integrity sha512-lgPz4KhfhiYddV/qPYo0ieqWimCVgV2OQF72mbeGNixE753JWNnmEc7UNGy08wBS/zZ7hxrmX0pc5aX7EUaIIg==
  dependencies:
    "@ant-design/colors" "^8.0.1"
    "@ant-design/cssinjs" "^2.1.2"
@@ -5411,7 +5411,7 @@ antd@^6.4.5:
    "@rc-component/dialog" "~1.9.0"
    "@rc-component/drawer" "~1.4.2"
    "@rc-component/dropdown" "~1.0.2"
-    "@rc-component/form" "~1.8.5"
+    "@rc-component/form" "~1.8.3"
    "@rc-component/image" "~1.9.0"
    "@rc-component/input" "~1.3.1"
    "@rc-component/input-number" "~1.6.2"
@@ -5698,10 +5698,10 @@ base64-js@^1.3.1, base64-js@^1.5.1:
  resolved "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz"
  integrity sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==

-baseline-browser-mapping@^2.10.38, baseline-browser-mapping@^2.9.0, baseline-browser-mapping@^2.9.19:
-  version "2.10.38"
-  resolved "https://registry.yarnpkg.com/baseline-browser-mapping/-/baseline-browser-mapping-2.10.38.tgz#c84d093c4bf7325c5053c279d90f153c66526042"
-  integrity sha512-31/02mVB4yuQU6adKk5SlY6m+mxDwUq5KZkyYgnLrrKl7TEm1+3PyDtDBz2kOv/wxZz41GHsvV1A/u6RmiyBvw==
+baseline-browser-mapping@^2.10.37, baseline-browser-mapping@^2.9.0, baseline-browser-mapping@^2.9.19:
+  version "2.10.37"
+  resolved "https://registry.yarnpkg.com/baseline-browser-mapping/-/baseline-browser-mapping-2.10.37.tgz#3e636475b6b293244e2b23e2c71a2ab9d9e6ba7d"
+  integrity sha512-girxaJ7WZssDOFhzCGZTDKoTa1gk6A1TbflaYTpykLJ4UU9Fz9kx1aREM8JCuoVHbL8X8T/mJg7w2oYSq72Oig==

 batch@0.6.1:
  version "0.6.1"
@@ -15246,10 +15246,15 @@ write-file-atomic@^3.0.3:
    signal-exit "^3.0.2"
    typedarray-to-buffer "^3.1.5"

-ws@^7.3.1, ws@^8.18.0, ws@^8.2.3, ws@^8.21.0:
-  version "8.21.0"
-  resolved "https://registry.yarnpkg.com/ws/-/ws-8.21.0.tgz#012e413fc07429945121b0c153158c4343086951"
-  integrity sha512-Vsp28b7DRcimFQvrqu2Wek3z1iYxDCWqHYB8Qsnk/S4RfaCQzPGPyBNuVjJV3cd6UiKtUtp6sNM77gWvzcCH+g==
+ws@^7.3.1:
+  version "7.5.10"
+  resolved "https://registry.npmjs.org/ws/-/ws-7.5.10.tgz"
+  integrity sha512-+dbF1tHwZpXcbOJdVOkzLDxZP1ailvSxM6ZweXTegylPny803bFhA+vqBYw4s31NSAk4S2Qz+AKXK9a4wkdjcQ==
+
+ws@^8.18.0, ws@^8.2.3:
+  version "8.20.1"
+  resolved "https://registry.npmjs.org/ws/-/ws-8.20.1.tgz"
+  integrity sha512-It4dO0K5v//JtTXuPkfEOaI3uUN87iYPnqo/ZzqCoG3g8uhA66QUMs/SrM0YK7/NAu+r4LMh/9dq2A7k+rHs+w==

 wsl-utils@^0.1.0:
  version "0.1.0"
--- a/helm/superset/Chart.yaml
+++ b/helm/superset/Chart.yaml
@@ -29,7 +29,7 @@ maintainers:
  - name: craig-rueda
    email: craig@craigrueda.com
    url: https://github.com/craig-rueda
-version: 0.18.0 # See [README](https://github.com/apache/superset/blob/master/helm/superset/README.md#versioning) for version details.
+version: 0.17.3 # See [README](https://github.com/apache/superset/blob/master/helm/superset/README.md#versioning) for version details.
 dependencies:
  - name: postgresql
    version: 16.7.27
--- a/helm/superset/README.md
+++ b/helm/superset/README.md
@@ -23,7 +23,7 @@ NOTE: This file is generated by helm-docs: https://github.com/norwoodj/helm-docs

 # superset

-![Version: 0.18.0](https://img.shields.io/badge/Version-0.18.0-informational?style=flat-square)
+![Version: 0.17.3](https://img.shields.io/badge/Version-0.17.3-informational?style=flat-square)

 Apache Superset is a modern, enterprise-ready business intelligence web application

@@ -88,7 +88,6 @@ On helm this can be set on `extraSecretEnv.SUPERSET_SECRET_KEY` or `configOverri
 | ingress.path | string | `"/"` |  |
 | ingress.pathType | string | `"ImplementationSpecific"` |  |
 | ingress.tls | list | `[]` |  |
-| init.additionalPodSpec | object | `{}` | Custom pod spec to be added to init job |
 | init.adminUser.email | string | `"admin@superset.com"` |  |
 | init.adminUser.firstname | string | `"Superset"` |  |
 | init.adminUser.lastname | string | `"Admin"` |  |
@@ -132,7 +131,6 @@ On helm this can be set on `extraSecretEnv.SUPERSET_SECRET_KEY` or `configOverri
 | supersetCeleryBeat.affinity | object | `{}` | Affinity to be added to supersetCeleryBeat deployment |
 | supersetCeleryBeat.command | list | a `celery beat` command | Command |
 | supersetCeleryBeat.containerSecurityContext | object | `{}` |  |
-| supersetCeleryBeat.deploymentAdditionalPodSpec | object | `{}` | Custom pod spec to be added to supersetCeleryBeat deployment |
 | supersetCeleryBeat.deploymentAnnotations | object | `{}` | Annotations to be added to supersetCeleryBeat deployment |
 | supersetCeleryBeat.enabled | bool | `false` | This is only required if you intend to use alerts and reports |
 | supersetCeleryBeat.extraContainers | list | `[]` | Launch additional containers into supersetCeleryBeat pods |
@@ -151,7 +149,6 @@ On helm this can be set on `extraSecretEnv.SUPERSET_SECRET_KEY` or `configOverri
 | supersetCeleryFlower.affinity | object | `{}` | Affinity to be added to supersetCeleryFlower deployment |
 | supersetCeleryFlower.command | list | a `celery flower` command | Command |
 | supersetCeleryFlower.containerSecurityContext | object | `{}` |  |
-| supersetCeleryFlower.deploymentAdditionalPodSpec | object | `{}` | Custom pod spec to be added to supersetCeleryFlower deployment |
 | supersetCeleryFlower.deploymentAnnotations | object | `{}` | Annotations to be added to supersetCeleryFlower deployment |
 | supersetCeleryFlower.enabled | bool | `false` | Enables a Celery flower deployment (management UI to monitor celery jobs) WARNING: on superset 1.x, this requires a Superset image that has `flower<1.0.0` installed (which is NOT the case of the default images) flower>=1.0.0 requires Celery 5+ which Superset 1.5 does not support |
 | supersetCeleryFlower.extraContainers | list | `[]` | Launch additional containers into supersetCeleryFlower pods |
@@ -207,14 +204,12 @@ On helm this can be set on `extraSecretEnv.SUPERSET_SECRET_KEY` or `configOverri
 | supersetNode.connections.db_user | string | `"superset"` |  |
 | supersetNode.connections.redis_cache_db | string | `"1"` |  |
 | supersetNode.connections.redis_celery_db | string | `"0"` |  |
-| supersetNode.connections.redis_driver | string | `""` |  |
 | supersetNode.connections.redis_host | string | `"{{ .Release.Name }}-redis-headless"` | Change in case of bringing your own redis and then also set redis.enabled:false |
 | supersetNode.connections.redis_port | string | `"6379"` |  |
 | supersetNode.connections.redis_ssl.enabled | bool | `false` |  |
 | supersetNode.connections.redis_ssl.ssl_cert_reqs | string | `"CERT_NONE"` |  |
 | supersetNode.connections.redis_user | string | `""` |  |
 | supersetNode.containerSecurityContext | object | `{}` |  |
-| supersetNode.deploymentAdditionalPodSpec | object | `{}` | Custom pod spec to be added to supersetNode deployment |
 | supersetNode.deploymentAnnotations | object | `{}` | Annotations to be added to supersetNode deployment |
 | supersetNode.deploymentLabels | object | `{}` | Labels to be added to supersetNode deployment |
 | supersetNode.env | object | `{}` |  |
@@ -260,7 +255,6 @@ On helm this can be set on `extraSecretEnv.SUPERSET_SECRET_KEY` or `configOverri
 | supersetWebsockets.command | list | `[]` |  |
 | supersetWebsockets.config | object | see `values.yaml` | The config.json to pass to the server, see https://github.com/apache/superset/tree/master/superset-websocket Note that the configuration can also read from environment variables (which will have priority), see https://github.com/apache/superset/blob/master/superset-websocket/src/config.ts for a list of supported variables |
 | supersetWebsockets.containerSecurityContext | object | `{}` |  |
-| supersetWebsockets.deploymentAdditionalPodSpec | object | `{}` | Custom pod spec to be added to supersetWebsockets deployment |
 | supersetWebsockets.deploymentAnnotations | object | `{}` |  |
 | supersetWebsockets.enabled | bool | `false` | This is only required if you intend to use `GLOBAL_ASYNC_QUERIES` in `ws` mode see https://superset.apache.org/docs/contributing/misc#async-chart-queries |
 | supersetWebsockets.extraContainers | list | `[]` | Launch additional containers into supersetWebsockets pods |
@@ -314,7 +308,6 @@ On helm this can be set on `extraSecretEnv.SUPERSET_SECRET_KEY` or `configOverri
 | supersetWorker.autoscaling.targetCPUUtilizationPercentage | int | `80` |  |
 | supersetWorker.command | list | a `celery worker` command | Worker startup command |
 | supersetWorker.containerSecurityContext | object | `{}` |  |
-| supersetWorker.deploymentAdditionalPodSpec | object | `{}` | Custom pod spec to be added to supersetWorker deployment |
 | supersetWorker.deploymentAnnotations | object | `{}` | Annotations to be added to supersetWorker deployment |
 | supersetWorker.deploymentLabels | object | `{}` | Labels to be added to supersetWorker deployment |
 | supersetWorker.extraContainers | list | `[]` | Launch additional containers into supersetWorker pod |
--- a/helm/superset/templates/_helpers.tpl
+++ b/helm/superset/templates/_helpers.tpl
@@ -71,9 +71,9 @@ def env(key, default=None):

 # Redis Base URL
 {{- if .Values.supersetNode.connections.redis_password }}
-REDIS_BASE_URL=f"{env('REDIS_DRIVER') or env('REDIS_PROTO')}://{env('REDIS_USER', '')}:{env('REDIS_PASSWORD')}@{env('REDIS_HOST')}:{env('REDIS_PORT')}"
+REDIS_BASE_URL=f"{env('REDIS_PROTO')}://{env('REDIS_USER', '')}:{env('REDIS_PASSWORD')}@{env('REDIS_HOST')}:{env('REDIS_PORT')}"
 {{- else }}
-REDIS_BASE_URL=f"{env('REDIS_DRIVER') or env('REDIS_PROTO')}://{env('REDIS_HOST')}:{env('REDIS_PORT')}"
+REDIS_BASE_URL=f"{env('REDIS_PROTO')}://{env('REDIS_HOST')}:{env('REDIS_PORT')}"
 {{- end }}

 # Redis URL Params
--- a/helm/superset/templates/deployment-beat.yaml
+++ b/helm/superset/templates/deployment-beat.yaml
@@ -68,9 +68,6 @@ spec:
          {{- toYaml .Values.supersetCeleryBeat.podLabels | nindent 8 }}
        {{- end }}
    spec:
-      {{- if .Values.supersetCeleryBeat.deploymentAdditionalPodSpec }}
-      {{- tpl (toYaml .Values.supersetCeleryBeat.deploymentAdditionalPodSpec) . | nindent 6 }}
-      {{- end }}
      {{- if or (.Values.serviceAccount.create) (.Values.serviceAccountName) }}
      serviceAccountName: {{ template "superset.serviceAccountName" . }}
      {{- end }}
--- a/helm/superset/templates/deployment-flower.yaml
+++ b/helm/superset/templates/deployment-flower.yaml
@@ -57,9 +57,6 @@ spec:
          {{- toYaml .Values.supersetCeleryFlower.podLabels | nindent 8 }}
        {{- end }}
    spec:
-      {{- if .Values.supersetCeleryFlower.deploymentAdditionalPodSpec }}
-      {{- tpl (toYaml .Values.supersetCeleryFlower.deploymentAdditionalPodSpec) . | nindent 6 }}
-      {{- end }}
      {{- if or (.Values.serviceAccount.create) (.Values.serviceAccountName) }}
      serviceAccountName: {{ template "superset.serviceAccountName" . }}
      {{- end }}
--- a/helm/superset/templates/deployment-worker.yaml
+++ b/helm/superset/templates/deployment-worker.yaml
@@ -74,9 +74,6 @@ spec:
          {{- toYaml .Values.supersetWorker.podLabels | nindent 8 }}
        {{- end }}
    spec:
-      {{- if .Values.supersetWorker.deploymentAdditionalPodSpec }}
-      {{- tpl (toYaml .Values.supersetWorker.deploymentAdditionalPodSpec) . | nindent 6 }}
-      {{- end }}
      {{- if or (.Values.serviceAccount.create) (.Values.serviceAccountName) }}
      serviceAccountName: {{ template "superset.serviceAccountName" . }}
      {{- end }}
--- a/helm/superset/templates/deployment-ws.yaml
+++ b/helm/superset/templates/deployment-ws.yaml
@@ -60,9 +60,6 @@ spec:
          {{- toYaml .Values.supersetWebsockets.podLabels | nindent 8 }}
        {{- end }}
    spec:
-      {{- if .Values.supersetWebsockets.deploymentAdditionalPodSpec }}
-      {{- tpl (toYaml .Values.supersetWebsockets.deploymentAdditionalPodSpec) . | nindent 6 }}
-      {{- end }}
      {{- if or (.Values.serviceAccount.create) (.Values.serviceAccountName) }}
      serviceAccountName: {{ template "superset.serviceAccountName" . }}
      {{- end }}
--- a/helm/superset/templates/deployment.yaml
+++ b/helm/superset/templates/deployment.yaml
@@ -76,9 +76,6 @@ spec:
          {{- toYaml .Values.supersetNode.podLabels | nindent 8 }}
        {{- end }}
    spec:
-      {{- if .Values.supersetNode.deploymentAdditionalPodSpec }}
-      {{- tpl (toYaml .Values.supersetNode.deploymentAdditionalPodSpec) . | nindent 6 }}
-      {{- end }}
      {{- if or (.Values.serviceAccount.create) (.Values.serviceAccountName) }}
      serviceAccountName: {{ template "superset.serviceAccountName" . }}
      {{- end }}
--- a/helm/superset/templates/init-job.yaml
+++ b/helm/superset/templates/init-job.yaml
@@ -41,21 +41,16 @@ spec:
      {{- if .Values.init.podAnnotations }}
      annotations: {{- toYaml .Values.init.podAnnotations | nindent 8 }}
      {{- end }}
+      {{- if or .Values.extraLabels .Values.init.podLabels }}
      labels:
-        app: {{ template "superset.name" . }}
-        chart: {{ template "superset.chart" . }}
-        release: {{ .Release.Name }}
-        job: {{ template "superset.fullname" . }}-init-db
        {{- if .Values.extraLabels }}
          {{- toYaml .Values.extraLabels | nindent 8 }}
        {{- end }}
        {{- if .Values.init.podLabels }}
          {{- toYaml .Values.init.podLabels | nindent 8 }}
        {{- end }}
-    spec:
-      {{- if .Values.init.additionalPodSpec }}
-      {{- tpl (toYaml .Values.init.additionalPodSpec) . | nindent 6 }}
      {{- end }}
+    spec:
      {{- if or (.Values.serviceAccount.create) (.Values.serviceAccountName) }}
      serviceAccountName: {{ template "superset.serviceAccountName" . }}
      {{- end }}
--- a/helm/superset/templates/secret-env.yaml
+++ b/helm/superset/templates/secret-env.yaml
@@ -39,7 +39,6 @@ stringData:
    {{- end }}
    REDIS_PORT: {{ .Values.supersetNode.connections.redis_port | quote }}
    REDIS_PROTO: {{ if .Values.supersetNode.connections.redis_ssl.enabled }}"rediss"{{ else }}"redis"{{ end }}
-    REDIS_DRIVER: {{ .Values.supersetNode.connections.redis_driver | quote }}
    REDIS_DB: {{ .Values.supersetNode.connections.redis_cache_db | quote }}
    REDIS_CELERY_DB: {{ .Values.supersetNode.connections.redis_celery_db | quote }}
    {{- if .Values.supersetNode.connections.redis_ssl.enabled }}
--- a/helm/superset/values.yaml
+++ b/helm/superset/values.yaml
@@ -283,7 +283,6 @@ supersetNode:
    redis_ssl:
      enabled: false
      ssl_cert_reqs: CERT_NONE
-    redis_driver: ""
    # You need to change below configuration incase bringing own PostgresSQL instance and also set postgresql.enabled:false
    # -- Database type for Superset metadata (Supported types: "postgresql", "mysql")
    db_type: "postgresql"
@@ -335,8 +334,6 @@ supersetNode:
  deploymentAnnotations: {}
  # -- Labels to be added to supersetNode deployment
  deploymentLabels: {}
-  # -- Custom pod spec to be added to supersetNode deployment
-  deploymentAdditionalPodSpec: {}
  # -- Affinity to be added to supersetNode deployment
  affinity: {}
  # -- TopologySpreadConstrains to be added to supersetNode deployments
@@ -462,8 +459,6 @@ supersetWorker:
  deploymentAnnotations: {}
  # -- Labels to be added to supersetWorker deployment
  deploymentLabels: {}
-  # -- Custom pod spec to be added to supersetWorker deployment
-  deploymentAdditionalPodSpec: {}
  # -- Affinity to be added to supersetWorker deployment
  affinity: {}
  # -- TopologySpreadConstrains to be added to supersetWorker deployments
@@ -570,8 +565,6 @@ supersetCeleryBeat:
  extraContainers: []
  # -- Annotations to be added to supersetCeleryBeat deployment
  deploymentAnnotations: {}
-  # -- Custom pod spec to be added to supersetCeleryBeat deployment
-  deploymentAdditionalPodSpec: {}
  # -- Affinity to be added to supersetCeleryBeat deployment
  affinity: {}
  # -- TopologySpreadConstrains to be added to supersetCeleryBeat deployments
@@ -687,8 +680,6 @@ supersetCeleryFlower:
  extraContainers: []
  # -- Annotations to be added to supersetCeleryFlower deployment
  deploymentAnnotations: {}
-  # -- Custom pod spec to be added to supersetCeleryFlower deployment
-  deploymentAdditionalPodSpec: {}
  # -- Affinity to be added to supersetCeleryFlower deployment
  affinity: {}
  # -- TopologySpreadConstrains to be added to supersetCeleryFlower deployments
@@ -766,8 +757,6 @@ supersetWebsockets:
  # -- Launch additional containers into supersetWebsockets pods
  extraContainers: []
  deploymentAnnotations: {}
-  # -- Custom pod spec to be added to supersetWebsockets deployment
-  deploymentAdditionalPodSpec: {}
  # -- Affinity to be added to supersetWebsockets deployment
  affinity: {}
  # -- TopologySpreadConstrains to be added to supersetWebsockets deployments
@@ -830,8 +819,6 @@ init:
  jobAnnotations:
    "helm.sh/hook": post-install,post-upgrade
    "helm.sh/hook-delete-policy": "before-hook-creation"
-  # -- Custom pod spec to be added to init job
-  additionalPodSpec: {}
  loadExamples: false
  createAdmin: true
  adminUser:
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -108,7 +108,7 @@ dependencies = [
    "simplejson>=4.1.1",
    "slack_sdk>=3.19.0, <4",
    "sqlalchemy>=1.4, <2",
-    "sqlalchemy-utils>=0.42.1, <0.43", # expanding lowerbound to work with pydoris
+    "sqlalchemy-utils>=0.38.0, <0.43", # expanding lowerbound to work with pydoris
    "sqlglot>=30.8.0, <31",
    # newer pandas needs 0.9+
    "tabulate>=0.10.0, <1.0",
@@ -147,7 +147,7 @@ denodo = ["denodo-sqlalchemy>=2.0.5,<2.1.0"]
 dremio = ["sqlalchemy-dremio>=1.2.1, <4"]
 drill = ["sqlalchemy-drill>=1.1.10, <2"]
 druid = ["pydruid>=0.6.5,<0.7"]
-duckdb = ["duckdb>=1.5.4,<2", "duckdb-engine>=0.17.0"]
+duckdb = ["duckdb>=1.5.2,<2", "duckdb-engine>=0.17.0"]
 dynamodb = ["pydynamodb>=0.4.2"]
 solr = ["sqlalchemy-solr >= 0.2.4.3"]
 elasticsearch = ["elasticsearch-dbapi>=0.2.13, <0.3.0"]
@@ -206,7 +206,7 @@ spark = [
    "thrift>=0.23.0, <1",
 ]
 tdengine = [
-    "taospy>=2.8.9",
+    "taospy>=2.7.21",
    "taos-ws-py>=0.6.9"
 ]
 teradata = ["teradatasql>=16.20.0.23"]
--- a/pytest.ini
+++ b/pytest.ini
@@ -43,5 +43,5 @@ filterwarnings =
 #    error:The ``declarative_base\(\)`` function is now available:sqlalchemy.exc.RemovedIn20Warning
 #    error:The Engine.execute\(\) method is considered legacy:sqlalchemy.exc.RemovedIn20Warning
    error:The legacy calling style of select\(\) is deprecated:sqlalchemy.exc.RemovedIn20Warning
-    error:The "whens" argument to case:sqlalchemy.exc.RemovedIn20Warning
+#    error:The "whens" argument to case:sqlalchemy.exc.RemovedIn20Warning
 #    error:"User" object is being merged into a Session:sqlalchemy.exc.RemovedIn20Warning
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -315,7 +315,7 @@ pygeohash==3.2.2
    # via apache-superset (pyproject.toml)
 pygments==2.20.0
    # via rich
-pyjwt==2.13.0
+pyjwt==2.12.0
    # via
    #   apache-superset (pyproject.toml)
    #   flask-appbuilder
@@ -405,7 +405,7 @@ sqlalchemy==1.4.54
    #   marshmallow-sqlalchemy
    #   shillelagh
    #   sqlalchemy-utils
-sqlalchemy-utils==0.42.1
+sqlalchemy-utils==0.42.0
    # via
    #   apache-superset (pyproject.toml)
    #   apache-superset-core
--- a/requirements/development.txt
+++ b/requirements/development.txt
@@ -220,7 +220,7 @@ docstring-parser==0.17.0
    # via cyclopts
 docutils==0.22.2
    # via rich-rst
-duckdb==1.5.4
+duckdb==1.5.3
    # via
    #   apache-superset
    #   duckdb-engine
@@ -769,7 +769,7 @@ pyhive==0.7.0
    # via apache-superset
 pyinstrument==5.1.2
    # via apache-superset
-pyjwt==2.13.0
+pyjwt==2.12.0
    # via
    #   -c requirements/base-constraint.txt
    #   apache-superset
@@ -976,7 +976,7 @@ sqlalchemy==1.4.54
    #   sqlalchemy-utils
 sqlalchemy-bigquery==1.17.0
    # via apache-superset
-sqlalchemy-utils==0.42.1
+sqlalchemy-utils==0.42.0
    # via
    #   -c requirements/base-constraint.txt
    #   apache-superset
--- a/scripts/translations/build_translation_index.py
+++ b/scripts/translations/build_translation_index.py
@@ -86,19 +86,7 @@ def build_index(translations_dir: Path) -> dict[str, Any]:

    for lang in langs:
        po_path = translations_dir / lang / "LC_MESSAGES" / "messages.po"
-        try:
-            cat = polib.pofile(str(po_path))
-        except (OSError, UnicodeDecodeError) as exc:
-            # A single malformed catalog shouldn't block backfilling every
-            # other language. polib raises OSError on syntax errors (e.g. an
-            # unescaped quote) and UnicodeDecodeError on bad encoding; skip
-            # either with a loud warning so the corrupt file gets fixed
-            # separately.
-            print(
-                f"WARNING: skipping {lang} — could not parse {po_path}: {exc}",
-                file=sys.stderr,
-            )
-            continue
+        cat = polib.pofile(str(po_path))
        for entry in cat:
            if not entry.msgid:
                continue  # skip header entry
--- a/superset-embedded-sdk/.nvmrc
+++ b/superset-embedded-sdk/.nvmrc
@@ -1 +0,0 @@
-../superset-frontend/.nvmrc
--- a/superset-embedded-sdk/.nvmrc
+++ b/superset-embedded-sdk/.nvmrc
@@ -0,0 +1 @@
+v24.16.0
--- a/superset-embedded-sdk/CONTRIBUTING.md
+++ b/superset-embedded-sdk/CONTRIBUTING.md
@@ -32,7 +32,6 @@ and therefore are not easily unit-testable. We have instead opted to test the sd
 This way, the tests can assert that the sdk actually mounts the iframe and communicates with it correctly.

 At time of writing, these tests are not written yet, because we haven't yet put together the demo app that they will leverage.
-
 ### Things to e2e test once we have a demo app:

 **happy path:**
--- a/superset-embedded-sdk/README.md
+++ b/superset-embedded-sdk/README.md
@@ -41,12 +41,12 @@ npm install --save @superset-ui/embedded-sdk
 ```

 ```js
-import { embedDashboard } from "@superset-ui/embedded-sdk";
+import { embedDashboard } from '@superset-ui/embedded-sdk';

 embedDashboard({
-  id: "abc123", // given by the Superset embedding UI
-  supersetDomain: "https://superset.example.com",
-  mountPoint: document.getElementById("my-superset-container"), // any html element that can contain an iframe
+  id: 'abc123', // given by the Superset embedding UI
+  supersetDomain: 'https://superset.example.com',
+  mountPoint: document.getElementById('my-superset-container'), // any html element that can contain an iframe
  fetchGuestToken: () => fetchGuestTokenFromBackend(),
  dashboardUiConfig: {
    // dashboard UI config: hideTitle, hideTab, hideChartControls, filters.visible, filters.expanded (optional), urlParams (optional)
@@ -55,21 +55,21 @@ embedDashboard({
      expanded: true,
    },
    urlParams: {
-      foo: "value1",
-      bar: "value2",
+      foo: 'value1',
+      bar: 'value2',
      // themeMode: 'dark', // set the initial theme: 'dark' | 'system' | 'default' (default: 'default')
      // ...
    },
  },
  // optional additional iframe sandbox attributes
  iframeSandboxExtras: [
-    "allow-top-navigation",
-    "allow-popups-to-escape-sandbox",
+    'allow-top-navigation',
+    'allow-popups-to-escape-sandbox',
  ],
  // optional Permissions Policy features
-  iframeAllowExtras: ["clipboard-write", "fullscreen"],
+  iframeAllowExtras: ['clipboard-write', 'fullscreen'],
  // optional config to enforce a particular referrerPolicy
-  referrerPolicy: "same-origin",
+  referrerPolicy: 'same-origin',
  // optional callback to customize permalink URLs
  resolvePermalinkUrl: ({ key }) => `https://my-app.com/analytics/share/${key}`,
 });
@@ -163,13 +163,13 @@ Use the `themeMode` URL parameter to control the embedded dashboard's initial co

 ```js
 embedDashboard({
-  id: "abc123",
-  supersetDomain: "https://superset.example.com",
-  mountPoint: document.getElementById("my-superset-container"),
+  id: 'abc123',
+  supersetDomain: 'https://superset.example.com',
+  mountPoint: document.getElementById('my-superset-container'),
  fetchGuestToken: () => fetchGuestTokenFromBackend(),
  dashboardUiConfig: {
    urlParams: {
-      themeMode: "dark", // 'dark' | 'system' | 'default' (default: 'default')
+      themeMode: 'dark', // 'dark' | 'system' | 'default' (default: 'default')
    },
  },
 });
@@ -193,7 +193,7 @@ To pass additional sandbox attributes you can use `iframeSandboxExtras`:

 ```js
 // optional additional iframe sandbox attributes
-iframeSandboxExtras: ["allow-top-navigation", "allow-popups-to-escape-sandbox"];
+iframeSandboxExtras: ['allow-top-navigation', 'allow-popups-to-escape-sandbox'];
 ```

 ### Permissions Policy
@@ -202,7 +202,7 @@ To enable specific browser features within the embedded iframe, use `iframeAllow

 ```js
 // optional Permissions Policy features
-iframeAllowExtras: ["clipboard-write", "fullscreen"];
+iframeAllowExtras: ['clipboard-write', 'fullscreen'];
 ```

 Common permissions you might need:
@@ -225,9 +225,9 @@ When users click share buttons inside an embedded dashboard, Superset generates

 ```js
 embedDashboard({
-  id: "abc123",
-  supersetDomain: "https://superset.example.com",
-  mountPoint: document.getElementById("my-superset-container"),
+  id: 'abc123',
+  supersetDomain: 'https://superset.example.com',
+  mountPoint: document.getElementById('my-superset-container'),
  fetchGuestToken: () => fetchGuestTokenFromBackend(),

  // Customize permalink URLs
@@ -245,9 +245,9 @@ To restore the dashboard state from a permalink in your app:
 const permalinkKey = routeParams.key;

 embedDashboard({
-  id: "abc123",
-  supersetDomain: "https://superset.example.com",
-  mountPoint: document.getElementById("my-superset-container"),
+  id: 'abc123',
+  supersetDomain: 'https://superset.example.com',
+  mountPoint: document.getElementById('my-superset-container'),
  fetchGuestToken: () => fetchGuestTokenFromBackend(),
  resolvePermalinkUrl: ({ key }) => `https://my-app.com/analytics/share/${key}`,
  dashboardUiConfig: {
--- a/superset-embedded-sdk/babel.config.js
+++ b/superset-embedded-sdk/babel.config.js
@@ -18,6 +18,9 @@
 */

 module.exports = {
-  presets: ["@babel/preset-typescript", "@babel/preset-env"],
+  presets: [
+    "@babel/preset-typescript",
+    "@babel/preset-env"
+  ],
  sourceMaps: true,
 };
--- a/superset-embedded-sdk/package-lock.json
+++ b/superset-embedded-sdk/package-lock.json
--- a/superset-embedded-sdk/package.json
+++ b/superset-embedded-sdk/package.json
@@ -24,7 +24,7 @@
  "scripts": {
    "build": "tsc && babel src --out-dir lib --extensions '.ts,.tsx' && webpack --mode production",
    "ci:release": "node ./release-if-necessary.js",
-    "test": "vitest --run --dir src"
+    "test": "jest"
  },
  "browserslist": [
    "last 3 chrome versions",
@@ -41,11 +41,12 @@
    "@babel/core": "^7.25.2",
    "@babel/preset-env": "^7.25.4",
    "@babel/preset-typescript": "^7.24.7",
-    "@types/node": "^25.4.0",
+    "@types/jest": "^29.5.12",
+    "@types/node": "^22.5.4",
    "babel-loader": "^9.1.3",
+    "jest": "^29.7.0",
    "tscw-config": "^1.1.2",
-    "typescript": "^5.9.3",
-    "vitest": "^4.0.18",
+    "typescript": "^5.6.2",
    "webpack": "^5.94.0",
    "webpack-cli": "^5.1.4"
  },
--- a/superset-embedded-sdk/release-if-necessary.js
+++ b/superset-embedded-sdk/release-if-necessary.js
@@ -17,15 +17,15 @@
 * under the License.
 */

-const { execSync } = require("child_process");
-const { name, version } = require("./package.json");
+const { execSync } = require('child_process');
+const { name, version } = require('./package.json');

 function log(...args) {
-  console.log("[embedded-sdk-release]", ...args);
+  console.log('[embedded-sdk-release]', ...args);
 }

 function logError(...args) {
-  console.error("[embedded-sdk-release]", ...args);
+  console.error('[embedded-sdk-release]', ...args);
 }

 (async () => {
@@ -38,13 +38,13 @@ function logError(...args) {
  const { status } = await fetch(packageUrl);

  if (status === 200) {
-    log("version already exists on npm, exiting");
+    log('version already exists on npm, exiting');
  } else if (status === 404) {
-    log("release required, building");
+    log('release required, building');
    try {
-      execSync("npm run build", { stdio: "pipe" });
-      log("build successful, publishing");
-      execSync("npm publish --access public", { stdio: "pipe" });
+      execSync('npm run build', { stdio: 'pipe' });
+      log('build successful, publishing')
+      execSync('npm publish --access public', { stdio: 'pipe' });
      log(`published ${version} to npm`);
    } catch (err) {
      // npm writes failure details to stderr (auth/permission/registry
@@ -52,7 +52,7 @@ function logError(...args) {
      // the real cause in CI logs.
      if (err.stdout) console.error(String(err.stdout));
      if (err.stderr) console.error(String(err.stderr));
-      logError("Encountered an error, details should be above");
+      logError('Encountered an error, details should be above');
      process.exitCode = 1;
    }
  } else {
--- a/superset-embedded-sdk/src/const.ts
+++ b/superset-embedded-sdk/src/const.ts
@@ -18,9 +18,7 @@
 */

 export const IFRAME_COMMS_MESSAGE_TYPE = "__embedded_comms__";
-export const DASHBOARD_UI_FILTER_CONFIG_URL_PARAM_KEY: {
-  [index: string]: any;
-} = {
+export const DASHBOARD_UI_FILTER_CONFIG_URL_PARAM_KEY: { [index: string]: any } = {
  visible: "show_filters",
  expanded: "expand_filters",
-};
+}
--- a/superset-embedded-sdk/src/guestTokenRefresh.test.ts
+++ b/superset-embedded-sdk/src/guestTokenRefresh.test.ts
@@ -24,23 +24,22 @@ import {
  DEFAULT_TOKEN_EXP_MS,
  DEFAULT_TOKEN_REFRESH_RETRY_MS,
 } from "./guestTokenRefresh";
-import { afterAll, beforeAll, it, expect, describe, vi } from "vitest";

 describe("guest token refresh", () => {
  beforeAll(() => {
-    vi.useFakeTimers();
-    vi.setSystemTime(new Date("2022-03-03 01:00"));
-    vi.spyOn(globalThis, "setTimeout");
+    jest.useFakeTimers();
+    jest.setSystemTime(new Date("2022-03-03 01:00"));
+    jest.spyOn(global, "setTimeout");
  });

  afterAll(() => {
-    vi.useRealTimers();
+    jest.useRealTimers();
  });

  function makeFakeJWT(claims: any) {
    // not a valid jwt, but close enough for this code
    const tokenifiedClaims = Buffer.from(JSON.stringify(claims)).toString(
-      "base64",
+      "base64"
    );
    return `abc.${tokenifiedClaims}.xyz`;
  }
--- a/superset-embedded-sdk/src/guestTokenRefresh.ts
+++ b/superset-embedded-sdk/src/guestTokenRefresh.ts
@@ -18,23 +18,17 @@
 */
 import { jwtDecode } from "jwt-decode";

-export const REFRESH_TIMING_BUFFER_MS = 5000; // refresh guest token early to avoid failed superset requests
-export const MIN_REFRESH_WAIT_MS = 10000; // avoid blasting requests as fast as the cpu can handle
-export const DEFAULT_TOKEN_EXP_MS = 300000; // (5 min) used only when parsing guest token exp fails
-export const DEFAULT_TOKEN_REFRESH_RETRY_MS = 10000; // wait before retrying a failed/timed-out token refresh
+export const REFRESH_TIMING_BUFFER_MS = 5000 // refresh guest token early to avoid failed superset requests
+export const MIN_REFRESH_WAIT_MS = 10000 // avoid blasting requests as fast as the cpu can handle
+export const DEFAULT_TOKEN_EXP_MS = 300000 // (5 min) used only when parsing guest token exp fails
+export const DEFAULT_TOKEN_REFRESH_RETRY_MS = 10000 // wait before retrying a failed/timed-out token refresh

 // when do we refresh the guest token?
 export function getGuestTokenRefreshTiming(currentGuestToken: string) {
  const parsedJwt = jwtDecode<Record<string, any>>(currentGuestToken);
  // if exp is int, it is in seconds, but Date() takes milliseconds
-  const exp = new Date(
-    /[^0-9\.]/g.test(parsedJwt.exp)
-      ? parsedJwt.exp
-      : parseFloat(parsedJwt.exp) * 1000,
-  );
-  const isValidDate = exp.toString() !== "Invalid Date";
-  const ttl = isValidDate
-    ? Math.max(MIN_REFRESH_WAIT_MS, exp.getTime() - Date.now())
-    : DEFAULT_TOKEN_EXP_MS;
+  const exp = new Date(/[^0-9\.]/g.test(parsedJwt.exp) ? parsedJwt.exp : parseFloat(parsedJwt.exp) * 1000);
+  const isValidDate = exp.toString() !== 'Invalid Date';
+  const ttl = isValidDate ? Math.max(MIN_REFRESH_WAIT_MS, exp.getTime() - Date.now()) : DEFAULT_TOKEN_EXP_MS;
  return ttl - REFRESH_TIMING_BUFFER_MS;
 }
--- a/superset-embedded-sdk/src/index.ts
+++ b/superset-embedded-sdk/src/index.ts
@@ -20,15 +20,15 @@
 import {
  DASHBOARD_UI_FILTER_CONFIG_URL_PARAM_KEY,
  IFRAME_COMMS_MESSAGE_TYPE,
-} from "./const";
+} from './const';

 // We can swap this out for the actual switchboard package once it gets published
-import { Switchboard } from "@superset-ui/switchboard";
+import { Switchboard } from '@superset-ui/switchboard';
 import {
  getGuestTokenRefreshTiming,
  DEFAULT_TOKEN_REFRESH_RETRY_MS,
-} from "./guestTokenRefresh";
-import { withTimeout } from "./withTimeout";
+} from './guestTokenRefresh';
+import { withTimeout } from './withTimeout';

 /**
 * The function to fetch a guest token from your Host App's backend server.
@@ -97,7 +97,7 @@ export type ObserveDataMaskCallbackFn = (
    nativeFiltersChanged: boolean;
  },
 ) => void;
-export type ThemeMode = "default" | "dark" | "system";
+export type ThemeMode = 'default' | 'dark' | 'system';

 /**
 * Callback to resolve permalink URLs.
@@ -113,12 +113,12 @@ export type EmbeddedDashboard = {
  unmount: () => void;
  getDashboardPermalink: (anchor: string) => Promise<string>;
  getActiveTabs: () => Promise<string[]>;
-  observeDataMask: (callbackFn: ObserveDataMaskCallbackFn) => void;
+  observeDataMask: (
+    callbackFn: ObserveDataMaskCallbackFn,
+  ) => void;
  getDataMask: () => Promise<Record<string, any>>;
  getChartStates: () => Promise<Record<string, any>>;
-  getChartDataPayloads: (params?: {
-    chartId?: number;
-  }) => Promise<Record<string, any>>;
+  getChartDataPayloads: (params?: { chartId?: number }) => Promise<Record<string, any>>;
  setThemeConfig: (themeConfig: Record<string, any>) => void;
  setThemeMode: (mode: ThemeMode) => void;
 };
@@ -133,7 +133,7 @@ export async function embedDashboard({
  fetchGuestToken,
  dashboardUiConfig,
  debug = false,
-  iframeTitle = "Embedded Dashboard",
+  iframeTitle = 'Embedded Dashboard',
  iframeSandboxExtras = [],
  iframeAllowExtras = [],
  referrerPolicy,
@@ -152,13 +152,13 @@ export async function embedDashboard({
    return withTimeout(
      fetchGuestToken(),
      guestTokenFetchTimeoutMs,
-      "fetchGuestToken",
+      'fetchGuestToken',
    );
  }

-  log("embedding");
+  log('embedding');

-  if (supersetDomain.endsWith("/")) {
+  if (supersetDomain.endsWith('/')) {
    supersetDomain = supersetDomain.slice(0, -1);
  }

@@ -185,15 +185,15 @@ export async function embedDashboard({
  }

  async function mountIframe(): Promise<Switchboard> {
-    return new Promise((resolve) => {
-      const iframe = document.createElement("iframe");
+    return new Promise(resolve => {
+      const iframe = document.createElement('iframe');
      const dashboardConfigUrlParams = dashboardUiConfig
        ? { uiConfig: `${calculateConfig()}` }
        : undefined;
      const filterConfig = dashboardUiConfig?.filters || {};
      const filterConfigKeys = Object.keys(filterConfig);
      const filterConfigUrlParams = Object.fromEntries(
-        filterConfigKeys.map((key) => [
+        filterConfigKeys.map(key => [
          DASHBOARD_UI_FILTER_CONFIG_URL_PARAM_KEY[key],
          filterConfig[key],
        ]),
@@ -206,16 +206,16 @@ export async function embedDashboard({
        ...dashboardUiConfig?.urlParams,
      };
      const urlParamsString = Object.keys(urlParams).length
-        ? "?" + new URLSearchParams(urlParams).toString()
-        : "";
+        ? '?' + new URLSearchParams(urlParams).toString()
+        : '';

      // set up the iframe's sandbox configuration
-      iframe.sandbox.add("allow-same-origin"); // needed for postMessage to work
-      iframe.sandbox.add("allow-scripts"); // obviously the iframe needs scripts
-      iframe.sandbox.add("allow-presentation"); // for fullscreen charts
-      iframe.sandbox.add("allow-downloads"); // for downloading charts as image
-      iframe.sandbox.add("allow-forms"); // for forms to submit
-      iframe.sandbox.add("allow-popups"); // for exporting charts as csv
+      iframe.sandbox.add('allow-same-origin'); // needed for postMessage to work
+      iframe.sandbox.add('allow-scripts'); // obviously the iframe needs scripts
+      iframe.sandbox.add('allow-presentation'); // for fullscreen charts
+      iframe.sandbox.add('allow-downloads'); // for downloading charts as image
+      iframe.sandbox.add('allow-forms'); // for forms to submit
+      iframe.sandbox.add('allow-popups'); // for exporting charts as csv
      // additional sandbox props
      iframeSandboxExtras.forEach((key: string) => {
        iframe.sandbox.add(key);
@@ -226,7 +226,7 @@ export async function embedDashboard({
      }

      // add the event listener before setting src, to be 100% sure that we capture the load event
-      iframe.addEventListener("load", () => {
+      iframe.addEventListener('load', () => {
        // MessageChannel allows us to send and receive messages smoothly between our window and the iframe
        // See https://developer.mozilla.org/en-US/docs/Web/API/Channel_Messaging_API
        const commsChannel = new MessageChannel();
@@ -237,35 +237,35 @@ export async function embedDashboard({
        // See https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage
        // we know the content window isn't null because we are in the load event handler.
        iframe.contentWindow!.postMessage(
-          { type: IFRAME_COMMS_MESSAGE_TYPE, handshake: "port transfer" },
+          { type: IFRAME_COMMS_MESSAGE_TYPE, handshake: 'port transfer' },
          supersetDomain,
          [theirPort],
        );
-        log("sent message channel to the iframe");
+        log('sent message channel to the iframe');

        // return our port from the promise
        resolve(
          new Switchboard({
            port: ourPort,
-            name: "superset-embedded-sdk",
+            name: 'superset-embedded-sdk',
            debug,
          }),
        );
      });
      iframe.src = `${supersetDomain}/embedded/${id}${urlParamsString}`;
      iframe.title = iframeTitle;
-      iframe.style.background = "transparent";
+      iframe.style.background = 'transparent';
      // Permissions Policy features the embedded dashboard relies on. Modern
      // browsers gate these APIs on the iframe's `allow` attribute regardless
      // of sandbox flags, so we include them by default. Host apps can extend
      // the list via `iframeAllowExtras`.
      const allowFeatures = Array.from(
-        new Set(["fullscreen", "clipboard-write", ...iframeAllowExtras]),
+        new Set(['fullscreen', 'clipboard-write', ...iframeAllowExtras]),
      );
-      iframe.setAttribute("allow", allowFeatures.join("; "));
+      iframe.setAttribute('allow', allowFeatures.join('; '));
      //@ts-ignore
      mountPoint.replaceChildren(iframe);
-      log("placed the iframe");
+      log('placed the iframe');
    });
  }

@@ -285,8 +285,8 @@ export async function embedDashboard({
    throw err;
  }

-  ourPort.emit("guestToken", { guestToken });
-  log("sent guest token");
+  ourPort.emit('guestToken', { guestToken });
+  log('sent guest token');

  // Track the pending refresh timer so it can be cancelled on unmount, and
  // stop the cycle once unmounted so it cannot leak across mount/unmount cycles.
@@ -298,7 +298,7 @@ export async function embedDashboard({
    try {
      const newGuestToken = await fetchGuestTokenWithTimeout();
      if (unmounted) return;
-      ourPort.emit("guestToken", { guestToken: newGuestToken });
+      ourPort.emit('guestToken', { guestToken: newGuestToken });
      refreshTimer = setTimeout(
        refreshGuestToken,
        getGuestTokenRefreshTiming(newGuestToken),
@@ -307,7 +307,7 @@ export async function embedDashboard({
      // A transient fetch failure or timeout must not permanently stop the
      // refresh cycle. Log it and retry so the session can recover once the
      // host callback succeeds again.
-      log("failed to refresh guest token, will retry:", err);
+      log('failed to refresh guest token, will retry:', err);
      if (unmounted) return;
      refreshTimer = setTimeout(
        refreshGuestToken,
@@ -325,7 +325,7 @@ export async function embedDashboard({
  // Returns null if no callback provided or on error, allowing iframe to use default URL
  ourPort.start();
  ourPort.defineMethod(
-    "resolvePermalinkUrl",
+    'resolvePermalinkUrl',
    async ({ key }: { key: string }): Promise<string | null> => {
      if (!resolvePermalinkUrl) {
        return null;
@@ -333,14 +333,14 @@ export async function embedDashboard({
      try {
        return await resolvePermalinkUrl({ key });
      } catch (error) {
-        log("Error in resolvePermalinkUrl callback:", error);
+        log('Error in resolvePermalinkUrl callback:', error);
        return null;
      }
    },
  );

  function unmount() {
-    log("unmounting");
+    log('unmounting');
    unmounted = true;
    if (refreshTimer !== undefined) {
      clearTimeout(refreshTimer);
@@ -350,25 +350,24 @@ export async function embedDashboard({
    mountPoint.replaceChildren();
  }

-  const getScrollSize = () => ourPort.get<Size>("getScrollSize");
+  const getScrollSize = () => ourPort.get<Size>('getScrollSize');
  const getDashboardPermalink = (anchor: string) =>
-    ourPort.get<string>("getDashboardPermalink", { anchor });
-  const getActiveTabs = () => ourPort.get<string[]>("getActiveTabs");
-  const getDataMask = () => ourPort.get<Record<string, any>>("getDataMask");
-  const getChartStates = () =>
-    ourPort.get<Record<string, any>>("getChartStates");
+    ourPort.get<string>('getDashboardPermalink', { anchor });
+  const getActiveTabs = () => ourPort.get<string[]>('getActiveTabs');
+  const getDataMask = () => ourPort.get<Record<string, any>>('getDataMask');
+  const getChartStates = () => ourPort.get<Record<string, any>>('getChartStates');
  const getChartDataPayloads = (params?: { chartId?: number }) =>
-    ourPort.get<Record<string, any>>("getChartDataPayloads", params);
-  const observeDataMask = (callbackFn: ObserveDataMaskCallbackFn) => {
-    ourPort.defineMethod("observeDataMask", callbackFn);
+    ourPort.get<Record<string, any>>('getChartDataPayloads', params);
+  const observeDataMask = (
+    callbackFn: ObserveDataMaskCallbackFn,
+  ) => {
+    ourPort.defineMethod('observeDataMask', callbackFn);
  };
  // TODO: Add proper types once theming branch is merged
-  const setThemeConfig = async (
-    themeConfig: Record<string, any>,
-  ): Promise<void> => {
+  const setThemeConfig = async (themeConfig: Record<string, any>): Promise<void> => {
    try {
-      ourPort.emit("setThemeConfig", { themeConfig });
-      log("Theme config sent successfully (or at least message dispatched)");
+      ourPort.emit('setThemeConfig', { themeConfig });
+      log('Theme config sent successfully (or at least message dispatched)');
    } catch (error) {
      log(
        'Error sending theme config. Ensure the iframe side implements the "setThemeConfig" method.',
@@ -379,7 +378,7 @@ export async function embedDashboard({

  const setThemeMode = (mode: ThemeMode): void => {
    try {
-      ourPort.emit("setThemeMode", { mode });
+      ourPort.emit('setThemeMode', { mode });
      log(`Theme mode set to: ${mode}`);
    } catch (error) {
      log(
--- a/superset-embedded-sdk/src/withTimeout.test.ts
+++ b/superset-embedded-sdk/src/withTimeout.test.ts
@@ -18,23 +18,22 @@
 */

 import { withTimeout } from "./withTimeout";
-import { test, expect } from "vitest";

 test("resolves with the value when the promise settles in time", async () => {
  await expect(withTimeout(Promise.resolve("ok"), 1000, "fetch")).resolves.toBe(
-    "ok",
+    "ok"
  );
 });

 test("rejects when the promise does not settle within the timeout", async () => {
  const never = new Promise<string>(() => {});
  await expect(withTimeout(never, 10, "fetch")).rejects.toThrow(
-    /fetch did not resolve within 10ms/,
+    /fetch did not resolve within 10ms/
  );
 });

 test("passes the promise through unchanged when the timeout is disabled", async () => {
  await expect(withTimeout(Promise.resolve("ok"), 0, "fetch")).resolves.toBe(
-    "ok",
+    "ok"
  );
 });
--- a/superset-embedded-sdk/tsconfig.json
+++ b/superset-embedded-sdk/tsconfig.json
@@ -3,7 +3,7 @@
    // syntax rules
    "strict": true,

-    "moduleResolution": "bundler",
+    "moduleResolution": "node",

    // environment
    "target": "es6",
@@ -13,9 +13,7 @@
    // output
    "outDir": "./dist",
    "emitDeclarationOnly": true,
-    "declaration": true,
-
-    "types": ["node"]
+    "declaration": true
  },

  "include": [
@@ -23,6 +21,7 @@
  ],

  "exclude": [
+    "tests",
    "dist",
    "lib",
    "node_modules"
--- a/superset-embedded-sdk/webpack.config.js
+++ b/superset-embedded-sdk/webpack.config.js
@@ -17,19 +17,19 @@
 * under the License.
 */

-const path = require("path");
+const path = require('path');

 module.exports = {
-  entry: "./src/index.ts",
+  entry: './src/index.ts',
  output: {
-    filename: "index.js",
-    path: path.resolve(__dirname, "bundle"),
+    filename: 'index.js',
+    path: path.resolve(__dirname, 'bundle'),

    // this exposes the library's exports under a global variable
    library: {
      name: "supersetEmbeddedSdk",
-      type: "umd",
-    },
+      type: "umd"
+    }
  },
  devtool: "source-map",
  module: {
@@ -38,12 +38,12 @@ module.exports = {
        test: /\.[tj]s$/,
        // babel-loader is faster than ts-loader because it ignores types.
        // We do type checking in a separate process, so that's fine.
-        use: "babel-loader",
+        use: 'babel-loader',
        exclude: /node_modules/,
      },
    ],
  },
  resolve: {
-    extensions: [".ts", ".js"],
+    extensions: ['.ts', '.js'],
  },
 };
--- a/superset-frontend/babel.config.js
+++ b/superset-frontend/babel.config.js
@@ -44,6 +44,7 @@ module.exports = {
    '@babel/preset-typescript',
  ],
  plugins: [
+    'lodash',
    '@babel/plugin-syntax-dynamic-import',
    '@babel/plugin-transform-export-namespace-from',
    ['@babel/plugin-transform-class-properties', { loose: true }],
--- a/superset-frontend/cypress-base/cypress/e2e/database/modal.test.ts
+++ b/superset-frontend/cypress-base/cypress/e2e/database/modal.test.ts
@@ -0,0 +1,118 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import { DATABASE_LIST } from 'cypress/utils/urls';
+
+function closeModal() {
+  cy.get('body').then($body => {
+    if ($body.find('[data-test="database-modal"]').length) {
+      cy.get('[aria-label="Close"]').eq(1).click();
+    }
+  });
+}
+
+describe('Add database', () => {
+  before(() => {
+    cy.visit(DATABASE_LIST);
+  });
+
+  beforeEach(() => {
+    cy.intercept('POST', '**/api/v1/database/validate_parameters/**').as(
+      'validateParams',
+    );
+    cy.intercept('POST', '**/api/v1/database/').as('createDb');
+
+    closeModal();
+    cy.getBySel('btn-create-database').click();
+  });
+
+  it('should open dynamic form', () => {
+    cy.get('.preferred > :nth-child(1)').click();
+
+    cy.get('input[name="host"]').should('have.value', '');
+    cy.get('input[name="port"]').should('have.value', '');
+    cy.get('input[name="database"]').should('have.value', '');
+    cy.get('input[name="username"]').should('have.value', '');
+    cy.get('input[name="password"]').should('have.value', '');
+    cy.get('input[name="database_name"]').should('have.value', '');
+  });
+
+  it('should open sqlalchemy form', () => {
+    cy.get('.preferred > :nth-child(1)').click();
+    cy.getBySel('sqla-connect-btn').click();
+
+    cy.getBySel('database-name-input').should('be.visible');
+    cy.getBySel('sqlalchemy-uri-input').should('be.visible');
+  });
+
+  it('show error alerts on dynamic form for bad host', () => {
+    cy.get('.preferred > :nth-child(1)').click();
+
+    cy.get('input[name="host"]').type('badhost', { force: true });
+    cy.get('input[name="port"]').type('5432', { force: true });
+    cy.get('input[name="username"]').type('testusername', { force: true });
+    cy.get('input[name="database"]').type('testdb', { force: true });
+    cy.get('input[name="password"]').type('testpass', { force: true });
+
+    cy.get('body').click(0, 0);
+
+    cy.wait('@validateParams', { timeout: 30000 });
+
+    cy.getBySel('btn-submit-connection').should('not.be.disabled');
+    cy.getBySel('btn-submit-connection').click({ force: true });
+
+    cy.wait('@validateParams', { timeout: 30000 }).then(() => {
+      cy.wait('@createDb', { timeout: 60000 }).then(() => {
+        cy.contains(
+          '.ant-form-item-explain-error',
+          "The hostname provided can't be resolved",
+        ).should('exist');
+      });
+    });
+  });
+
+  it('show error alerts on dynamic form for bad port', () => {
+    cy.get('.preferred > :nth-child(1)').click();
+
+    cy.get('input[name="host"]').type('localhost', { force: true });
+    cy.get('body').click(0, 0);
+    cy.wait('@validateParams', { timeout: 30000 });
+
+    cy.get('input[name="port"]').type('5430', { force: true });
+    cy.get('input[name="database"]').type('testdb', { force: true });
+    cy.get('input[name="username"]').type('testusername', { force: true });
+
+    cy.wait('@validateParams', { timeout: 30000 });
+
+    cy.get('input[name="password"]').type('testpass', { force: true });
+    cy.wait('@validateParams');
+
+    cy.getBySel('btn-submit-connection').should('not.be.disabled');
+    cy.getBySel('btn-submit-connection').click({ force: true });
+    cy.wait('@validateParams', { timeout: 30000 }).then(() => {
+      cy.get('body').click(0, 0);
+      cy.getBySel('btn-submit-connection').click({ force: true });
+      cy.wait('@createDb', { timeout: 60000 }).then(() => {
+        cy.contains(
+          '.ant-form-item-explain-error',
+          'The port is closed',
+        ).should('exist');
+      });
+    });
+  });
+});
--- a/superset-frontend/cypress-base/package-lock.json
+++ b/superset-frontend/cypress-base/package-lock.json
@@ -27,6 +27,17 @@
        "tscw-config": "^1.1.2"
      }
    },
+    "node_modules/@ampproject/remapping": {
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.1.2.tgz",
+      "integrity": "sha512-hoyByceqwKirw7w3Z7gnIIZC3Wx3J484Y3L/cMpXFbr7d9ZQj2mODrirNzcJa+SM3UlpWXYvKV4RlRpFXlWgXg==",
+      "dependencies": {
+        "@jridgewell/trace-mapping": "^0.3.0"
+      },
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
    "node_modules/@babel/code-frame": {
      "version": "7.12.11",
      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.12.11.tgz",
@@ -37,35 +48,33 @@
      }
    },
    "node_modules/@babel/compat-data": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.29.7.tgz",
-      "integrity": "sha512-locTkQyKvwIEgBzVrn8693ebc97F2U8ZHjbXwDXJ5Fn2TCpNwTlKcaKLkdHop5c/icOFE7qt7Q9JC5hnKNa6Gg==",
-      "license": "MIT",
+      "version": "7.21.4",
+      "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.21.4.tgz",
+      "integrity": "sha512-/DYyDpeCfaVinT40FPGdkkb+lYSKvsVuMjDAG7jPOWWiM1ibOaB9CXJAlc4d1QpP/U2q2P9jbrSlClKSErd55g==",
      "engines": {
        "node": ">=6.9.0"
      }
    },
    "node_modules/@babel/core": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.29.7.tgz",
-      "integrity": "sha512-RgHBCvtjbOK2gXSNBNIkNoEc9qoVEtau3hj8gEqKQuL3HZAibKarWFEI3Lfm6EYKkLalOh8eSrj9b+ch9H/VBA==",
-      "license": "MIT",
+      "version": "7.17.5",
+      "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.17.5.tgz",
+      "integrity": "sha512-/BBMw4EvjmyquN5O+t5eh0+YqB3XXJkYD2cjKpYtWOfFy4lQ4UozNSmxAcWT8r2XtZs0ewG+zrfsqeR15i1ajA==",
      "dependencies": {
-        "@babel/code-frame": "^7.29.7",
-        "@babel/generator": "^7.29.7",
-        "@babel/helper-compilation-targets": "^7.29.7",
-        "@babel/helper-module-transforms": "^7.29.7",
-        "@babel/helpers": "^7.29.7",
-        "@babel/parser": "^7.29.7",
-        "@babel/template": "^7.29.7",
-        "@babel/traverse": "^7.29.7",
-        "@babel/types": "^7.29.7",
-        "@jridgewell/remapping": "^2.3.5",
-        "convert-source-map": "^2.0.0",
+        "@ampproject/remapping": "^2.1.0",
+        "@babel/code-frame": "^7.16.7",
+        "@babel/generator": "^7.17.3",
+        "@babel/helper-compilation-targets": "^7.16.7",
+        "@babel/helper-module-transforms": "^7.16.7",
+        "@babel/helpers": "^7.17.2",
+        "@babel/parser": "^7.17.3",
+        "@babel/template": "^7.16.7",
+        "@babel/traverse": "^7.17.3",
+        "@babel/types": "^7.17.0",
+        "convert-source-map": "^1.7.0",
        "debug": "^4.1.0",
        "gensync": "^1.0.0-beta.2",
-        "json5": "^2.2.3",
-        "semver": "^6.3.1"
+        "json5": "^2.1.2",
+        "semver": "^6.3.0"
      },
      "engines": {
        "node": ">=6.9.0"
@@ -76,94 +85,23 @@
      }
    },
    "node_modules/@babel/core/node_modules/@babel/code-frame": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.29.7.tgz",
-      "integrity": "sha512-Aup7aUOfpbAUg2ROOJN6Iw5f9DMBlzu0mIkm/malLQFN/YQgO48wCj0Kxa3sEHJvPVFg7siR+qRInwXd2qhQKw==",
-      "license": "MIT",
+      "version": "7.16.7",
+      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.16.7.tgz",
+      "integrity": "sha512-iAXqUn8IIeBTNd72xsFlgaXHkMBMt6y4HJp1tIaK465CWLT/fG1aqB7ykr95gHHmlBdGbFeWWfyB4NJJ0nmeIg==",
      "dependencies": {
-        "@babel/helper-validator-identifier": "^7.29.7",
-        "js-tokens": "^4.0.0",
-        "picocolors": "^1.1.1"
+        "@babel/highlight": "^7.16.7"
      },
      "engines": {
        "node": ">=6.9.0"
      }
    },
-    "node_modules/@babel/core/node_modules/@babel/helper-compilation-targets": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.29.7.tgz",
-      "integrity": "sha512-wem6WaBj4NaVYVdNhLPPVacES6ZJ+KBBfSkTMD3YZxbP3rm3Di85tJU5ljaUNhaOynt+Aj0xruhYuzQBt8n71g==",
-      "license": "MIT",
-      "dependencies": {
-        "@babel/compat-data": "^7.29.7",
-        "@babel/helper-validator-option": "^7.29.7",
-        "browserslist": "^4.24.0",
-        "lru-cache": "^5.1.1",
-        "semver": "^6.3.1"
-      },
-      "engines": {
-        "node": ">=6.9.0"
-      }
-    },
-    "node_modules/@babel/core/node_modules/@babel/helper-module-imports": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.29.7.tgz",
-      "integrity": "sha512-ejHwrQQYcm9xnTivShn2IDOlIzInN34AXskvq9QicvCtEzq1Vzclu/tKF8Jq1Cg8JG2GL6/EmjgsCT7lXepE3g==",
-      "license": "MIT",
-      "dependencies": {
-        "@babel/traverse": "^7.29.7",
-        "@babel/types": "^7.29.7"
-      },
-      "engines": {
-        "node": ">=6.9.0"
-      }
-    },
-    "node_modules/@babel/core/node_modules/@babel/helper-module-transforms": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.29.7.tgz",
-      "integrity": "sha512-UPUVSyXbOh627KiCIGQSgwWzGeBKLkaJ9PJEdrngIwMSzxLR4jS4+f1f1jb7VzBbg8nFLaYotvVPFCTqdrmTAg==",
-      "license": "MIT",
-      "dependencies": {
-        "@babel/helper-module-imports": "^7.29.7",
-        "@babel/helper-validator-identifier": "^7.29.7",
-        "@babel/traverse": "^7.29.7"
-      },
-      "engines": {
-        "node": ">=6.9.0"
-      },
-      "peerDependencies": {
-        "@babel/core": "^7.0.0"
-      }
-    },
-    "node_modules/@babel/core/node_modules/convert-source-map": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz",
-      "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==",
-      "license": "MIT"
-    },
-    "node_modules/@babel/core/node_modules/lru-cache": {
-      "version": "5.1.1",
-      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz",
-      "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==",
-      "license": "ISC",
-      "dependencies": {
-        "yallist": "^3.0.2"
-      }
-    },
-    "node_modules/@babel/core/node_modules/yallist": {
-      "version": "3.1.1",
-      "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz",
-      "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==",
-      "license": "ISC"
-    },
    "node_modules/@babel/generator": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.29.7.tgz",
-      "integrity": "sha512-DkXD5OJQaAQIdZ1bt3UZdEnHAn9Imd3IVBdX03UFe+ony9Ojw5pzr9YVKGDY1jt+Gcn/FnGkNf8r+Vj5NOJWtQ==",
-      "license": "MIT",
+      "version": "7.29.1",
+      "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.29.1.tgz",
+      "integrity": "sha512-qsaF+9Qcm2Qv8SRIMMscAvG4O3lJ0F1GuMo5HR/Bp02LopNgnZBC/EkbevHFeGs4ls/oPz9v+Bsmzbkbe+0dUw==",
      "dependencies": {
-        "@babel/parser": "^7.29.7",
-        "@babel/types": "^7.29.7",
+        "@babel/parser": "^7.29.0",
+        "@babel/types": "^7.29.0",
        "@jridgewell/gen-mapping": "^0.3.12",
        "@jridgewell/trace-mapping": "^0.3.28",
        "jsesc": "^3.0.2"
@@ -201,7 +139,6 @@
      "version": "7.21.4",
      "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.21.4.tgz",
      "integrity": "sha512-Fa0tTuOXZ1iL8IeDFUWCzjZcn+sJGd9RZdH9esYVjEejGmzf+FFYQpMi/kZUk2kPy/q1H3/GPw7np8qar/stfg==",
-      "peer": true,
      "dependencies": {
        "@babel/compat-data": "^7.21.4",
        "@babel/helper-validator-option": "^7.21.0",
@@ -220,7 +157,6 @@
      "version": "5.1.1",
      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz",
      "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==",
-      "peer": true,
      "dependencies": {
        "yallist": "^3.0.2"
      }
@@ -228,8 +164,7 @@
    "node_modules/@babel/helper-compilation-targets/node_modules/yallist": {
      "version": "3.1.1",
      "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz",
-      "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==",
-      "peer": true
+      "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g=="
    },
    "node_modules/@babel/helper-create-class-features-plugin": {
      "version": "7.21.4",
@@ -321,10 +256,9 @@
      }
    },
    "node_modules/@babel/helper-globals": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/helper-globals/-/helper-globals-7.29.7.tgz",
-      "integrity": "sha512-3nQVUAtvkKH9zahfWgw96Jc/uFOmjACE1kQz82E2lqWmHBgjzbNlsC22nuQTfahmWeQtTq5nQ/4Nnd2A1wj4zA==",
-      "license": "MIT",
+      "version": "7.28.0",
+      "resolved": "https://registry.npmjs.org/@babel/helper-globals/-/helper-globals-7.28.0.tgz",
+      "integrity": "sha512-+W6cISkXFa1jXsDEdYA8HeevQT/FULhxzR99pxphltZcVaugps53THCeiWA8SguxxpSp3gKPiuYfSWopkLQ4hw==",
      "engines": {
        "node": ">=6.9.0"
      }
@@ -345,7 +279,6 @@
      "version": "7.28.6",
      "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.28.6.tgz",
      "integrity": "sha512-l5XkZK7r7wa9LucGw9LwZyyCUscb4x37JWTPz7swwFE/0FMQAGpiWUZn8u9DzkSBWEcK25jmvubfpw2dnAMdbw==",
-      "peer": true,
      "dependencies": {
        "@babel/traverse": "^7.28.6",
        "@babel/types": "^7.28.6"
@@ -358,7 +291,6 @@
      "version": "7.28.6",
      "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.28.6.tgz",
      "integrity": "sha512-67oXFAYr2cDLDVGLXTEABjdBJZ6drElUSI7WKp70NrpyISso3plG9SAGEF6y7zbha/wOzUByWWTJvEDVNIUGcA==",
-      "peer": true,
      "dependencies": {
        "@babel/helper-module-imports": "^7.28.6",
        "@babel/helper-validator-identifier": "^7.28.5",
@@ -464,28 +396,25 @@
      }
    },
    "node_modules/@babel/helper-string-parser": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.29.7.tgz",
-      "integrity": "sha512-Pb5ijPrZ89GDH8223L4UP8i6QApWxs04RbPQJTeWDV0/keR2E36MeKnyr6LYmUUvqRRI+Iv87SuF1W6ErINzYw==",
-      "license": "MIT",
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz",
+      "integrity": "sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==",
      "engines": {
        "node": ">=6.9.0"
      }
    },
    "node_modules/@babel/helper-validator-identifier": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.29.7.tgz",
-      "integrity": "sha512-qehxGkRj55h/ff8EMaJ+cYhyaKlHIxqYDn682wQD7RNp9UujOQsHog2uS0r2vzr4pW+sXf90NeeayjcNaX3fFg==",
-      "license": "MIT",
+      "version": "7.28.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.28.5.tgz",
+      "integrity": "sha512-qSs4ifwzKJSV39ucNjsvc6WVHs6b7S03sOh2OcHF9UHfVPqWWALUsNUVzhSBiItjRZoLHx7nIarVjqKVusUZ1Q==",
      "engines": {
        "node": ">=6.9.0"
      }
    },
    "node_modules/@babel/helper-validator-option": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.29.7.tgz",
-      "integrity": "sha512-N9ZErrD+yW5geCDtBqnOoxmR8+tNKiGuxKlDpuJxfsqpa2dFcexaziGAE/qoHLiDDreVNMupxGmSoNlyvsA3gw==",
-      "license": "MIT",
+      "version": "7.21.0",
+      "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.21.0.tgz",
+      "integrity": "sha512-rmL/B8/f0mKS2baE9ZpyTcTavvEuWhTTW8amjzXNvYG4AwBsqTLikfXsEofsJEfKHf+HQVQbFOHy6o+4cnC/fQ==",
      "engines": {
        "node": ">=6.9.0"
      }
@@ -506,13 +435,13 @@
      }
    },
    "node_modules/@babel/helpers": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.29.7.tgz",
-      "integrity": "sha512-1k2lAGRMfHTcwuNYcCNUmaUffmQv8KWMfh2iJUUeRlwlwH4FdNG7mfPI10NPfLHJFThE4Tyr4mv7kTNZOiPuBg==",
+      "version": "7.26.10",
+      "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.10.tgz",
+      "integrity": "sha512-UPYc3SauzZ3JGgj87GgZ89JVdC5dj0AoetR5Bw6wj4niittNyFh6+eOGonYvJ1ao6B8lEa3Q3klS7ADZ53bc5g==",
      "license": "MIT",
      "dependencies": {
-        "@babel/template": "^7.29.7",
-        "@babel/types": "^7.29.7"
+        "@babel/template": "^7.26.9",
+        "@babel/types": "^7.26.10"
      },
      "engines": {
        "node": ">=6.9.0"
@@ -522,7 +451,6 @@
      "version": "7.22.20",
      "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz",
      "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==",
-      "peer": true,
      "dependencies": {
        "@babel/helper-validator-identifier": "^7.22.20",
        "chalk": "^2.4.2",
@@ -533,12 +461,11 @@
      }
    },
    "node_modules/@babel/parser": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.29.7.tgz",
-      "integrity": "sha512-hnORnjP/1P/zFEndoeX+n+t1RwWRJiJpM/jO7FW32Kn9r5+sJB2JWOdYo4L6k78j15eCwY3Gm/7364B1EMwtNg==",
-      "license": "MIT",
+      "version": "7.29.3",
+      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.29.3.tgz",
+      "integrity": "sha512-b3ctpQwp+PROvU/cttc4OYl4MzfJUWy6FZg+PMXfzmt/+39iHVF0sDfqay8TQM3JA2EUOyKcFZt75jWriQijsA==",
      "dependencies": {
-        "@babel/types": "^7.29.7"
+        "@babel/types": "^7.29.0"
      },
      "bin": {
        "parser": "bin/babel-parser.js"
@@ -1666,26 +1593,24 @@
      }
    },
    "node_modules/@babel/template": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.29.7.tgz",
-      "integrity": "sha512-puq+Gf35oI24FeN11LkoUQFqv9uwNeWpxXZi/Ji3rRIoKAzKnxRaZ+Gkj0vKS9ZCiTESfng1N9LyOyXvo+m+Gg==",
-      "license": "MIT",
+      "version": "7.28.6",
+      "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.28.6.tgz",
+      "integrity": "sha512-YA6Ma2KsCdGb+WC6UpBVFJGXL58MDA6oyONbjyF/+5sBgxY/dwkhLogbMT2GXXyU84/IhRw/2D1Os1B/giz+BQ==",
      "dependencies": {
-        "@babel/code-frame": "^7.29.7",
-        "@babel/parser": "^7.29.7",
-        "@babel/types": "^7.29.7"
+        "@babel/code-frame": "^7.28.6",
+        "@babel/parser": "^7.28.6",
+        "@babel/types": "^7.28.6"
      },
      "engines": {
        "node": ">=6.9.0"
      }
    },
    "node_modules/@babel/template/node_modules/@babel/code-frame": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.29.7.tgz",
-      "integrity": "sha512-Aup7aUOfpbAUg2ROOJN6Iw5f9DMBlzu0mIkm/malLQFN/YQgO48wCj0Kxa3sEHJvPVFg7siR+qRInwXd2qhQKw==",
-      "license": "MIT",
+      "version": "7.29.0",
+      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.29.0.tgz",
+      "integrity": "sha512-9NhCeYjq9+3uxgdtp20LSiJXJvN0FeCtNGpJxuMFZ1Kv3cWUNb6DOhJwUvcVCzKGR66cw4njwM6hrJLqgOwbcw==",
      "dependencies": {
-        "@babel/helper-validator-identifier": "^7.29.7",
+        "@babel/helper-validator-identifier": "^7.28.5",
        "js-tokens": "^4.0.0",
        "picocolors": "^1.1.1"
      },
@@ -1694,17 +1619,16 @@
      }
    },
    "node_modules/@babel/traverse": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.29.7.tgz",
-      "integrity": "sha512-EhlfNQtZ+NK22w5BM61ciuiq1m58ed33Wr1Xan//ZRTy6hgjnwyCffRYwzsGXdASJSUJ1guZILsErh1eQcl+zw==",
-      "license": "MIT",
+      "version": "7.29.0",
+      "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.29.0.tgz",
+      "integrity": "sha512-4HPiQr0X7+waHfyXPZpWPfWL/J7dcN1mx9gL6WdQVMbPnF3+ZhSMs8tCxN7oHddJE9fhNE7+lxdnlyemKfJRuA==",
      "dependencies": {
-        "@babel/code-frame": "^7.29.7",
-        "@babel/generator": "^7.29.7",
-        "@babel/helper-globals": "^7.29.7",
-        "@babel/parser": "^7.29.7",
-        "@babel/template": "^7.29.7",
-        "@babel/types": "^7.29.7",
+        "@babel/code-frame": "^7.29.0",
+        "@babel/generator": "^7.29.0",
+        "@babel/helper-globals": "^7.28.0",
+        "@babel/parser": "^7.29.0",
+        "@babel/template": "^7.28.6",
+        "@babel/types": "^7.29.0",
        "debug": "^4.3.1"
      },
      "engines": {
@@ -1712,12 +1636,11 @@
      }
    },
    "node_modules/@babel/traverse/node_modules/@babel/code-frame": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.29.7.tgz",
-      "integrity": "sha512-Aup7aUOfpbAUg2ROOJN6Iw5f9DMBlzu0mIkm/malLQFN/YQgO48wCj0Kxa3sEHJvPVFg7siR+qRInwXd2qhQKw==",
-      "license": "MIT",
+      "version": "7.29.0",
+      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.29.0.tgz",
+      "integrity": "sha512-9NhCeYjq9+3uxgdtp20LSiJXJvN0FeCtNGpJxuMFZ1Kv3cWUNb6DOhJwUvcVCzKGR66cw4njwM6hrJLqgOwbcw==",
      "dependencies": {
-        "@babel/helper-validator-identifier": "^7.29.7",
+        "@babel/helper-validator-identifier": "^7.28.5",
        "js-tokens": "^4.0.0",
        "picocolors": "^1.1.1"
      },
@@ -1726,13 +1649,12 @@
      }
    },
    "node_modules/@babel/types": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.29.7.tgz",
-      "integrity": "sha512-4zBIxpPzowiZpusoFkyGVwakdRJUyuH5PxQ/PrqghfdFWWasvnCdPfQXHrenDai+gyLARulZjZowCOj6fjT4pA==",
-      "license": "MIT",
+      "version": "7.29.0",
+      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.29.0.tgz",
+      "integrity": "sha512-LwdZHpScM4Qz8Xw2iKSzS+cfglZzJGvofQICy7W7v4caru4EaAmyUuO6BGrbyQ2mYV11W0U8j5mBhd14dd3B0A==",
      "dependencies": {
-        "@babel/helper-string-parser": "^7.29.7",
-        "@babel/helper-validator-identifier": "^7.29.7"
+        "@babel/helper-string-parser": "^7.27.1",
+        "@babel/helper-validator-identifier": "^7.28.5"
      },
      "engines": {
        "node": ">=6.9.0"
@@ -2171,16 +2093,6 @@
        "@jridgewell/trace-mapping": "^0.3.24"
      }
    },
-    "node_modules/@jridgewell/remapping": {
-      "version": "2.3.5",
-      "resolved": "https://registry.npmjs.org/@jridgewell/remapping/-/remapping-2.3.5.tgz",
-      "integrity": "sha512-LI9u/+laYG4Ds1TDKSJW2YPrIlcVYOwi2fUC6xB43lueCjgxV4lffOCZCtYFiH6TNOX+tQKXx97T4IKHbhyHEQ==",
-      "license": "MIT",
-      "dependencies": {
-        "@jridgewell/gen-mapping": "^0.3.5",
-        "@jridgewell/trace-mapping": "^0.3.24"
-      }
-    },
    "node_modules/@jridgewell/resolve-uri": {
      "version": "3.1.0",
      "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz",
@@ -3441,7 +3353,6 @@
      "version": "2.4.2",
      "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
      "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
-      "peer": true,
      "dependencies": {
        "ansi-styles": "^3.2.1",
        "escape-string-regexp": "^1.0.5",
@@ -3455,7 +3366,6 @@
      "version": "3.2.1",
      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
      "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
-      "peer": true,
      "dependencies": {
        "color-convert": "^1.9.0"
      },
@@ -3581,7 +3491,6 @@
      "version": "1.9.3",
      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
      "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
-      "peer": true,
      "dependencies": {
        "color-name": "1.1.3"
      }
@@ -3589,8 +3498,7 @@
    "node_modules/color-name": {
      "version": "1.1.3",
      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
-      "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=",
-      "peer": true
+      "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
    },
    "node_modules/colorette": {
      "version": "1.4.0",
@@ -5076,7 +4984,6 @@
      "version": "3.0.0",
      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
      "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=",
-      "peer": true,
      "engines": {
        "node": ">=4"
      }
@@ -7971,7 +7878,6 @@
      "version": "5.5.0",
      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
      "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
-      "peer": true,
      "dependencies": {
        "has-flag": "^3.0.0"
      },
@@ -8864,6 +8770,14 @@
    }
  },
  "dependencies": {
+    "@ampproject/remapping": {
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.1.2.tgz",
+      "integrity": "sha512-hoyByceqwKirw7w3Z7gnIIZC3Wx3J484Y3L/cMpXFbr7d9ZQj2mODrirNzcJa+SM3UlpWXYvKV4RlRpFXlWgXg==",
+      "requires": {
+        "@jridgewell/trace-mapping": "^0.3.0"
+      }
+    },
    "@babel/code-frame": {
      "version": "7.12.11",
      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.12.11.tgz",
@@ -8874,100 +8788,49 @@
      }
    },
    "@babel/compat-data": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.29.7.tgz",
-      "integrity": "sha512-locTkQyKvwIEgBzVrn8693ebc97F2U8ZHjbXwDXJ5Fn2TCpNwTlKcaKLkdHop5c/icOFE7qt7Q9JC5hnKNa6Gg=="
+      "version": "7.21.4",
+      "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.21.4.tgz",
+      "integrity": "sha512-/DYyDpeCfaVinT40FPGdkkb+lYSKvsVuMjDAG7jPOWWiM1ibOaB9CXJAlc4d1QpP/U2q2P9jbrSlClKSErd55g=="
    },
    "@babel/core": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.29.7.tgz",
-      "integrity": "sha512-RgHBCvtjbOK2gXSNBNIkNoEc9qoVEtau3hj8gEqKQuL3HZAibKarWFEI3Lfm6EYKkLalOh8eSrj9b+ch9H/VBA==",
+      "version": "7.17.5",
+      "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.17.5.tgz",
+      "integrity": "sha512-/BBMw4EvjmyquN5O+t5eh0+YqB3XXJkYD2cjKpYtWOfFy4lQ4UozNSmxAcWT8r2XtZs0ewG+zrfsqeR15i1ajA==",
      "requires": {
-        "@babel/code-frame": "^7.29.7",
-        "@babel/generator": "^7.29.7",
-        "@babel/helper-compilation-targets": "^7.29.7",
-        "@babel/helper-module-transforms": "^7.29.7",
-        "@babel/helpers": "^7.29.7",
-        "@babel/parser": "^7.29.7",
-        "@babel/template": "^7.29.7",
-        "@babel/traverse": "^7.29.7",
-        "@babel/types": "^7.29.7",
-        "@jridgewell/remapping": "^2.3.5",
-        "convert-source-map": "^2.0.0",
+        "@ampproject/remapping": "^2.1.0",
+        "@babel/code-frame": "^7.16.7",
+        "@babel/generator": "^7.17.3",
+        "@babel/helper-compilation-targets": "^7.16.7",
+        "@babel/helper-module-transforms": "^7.16.7",
+        "@babel/helpers": "^7.17.2",
+        "@babel/parser": "^7.17.3",
+        "@babel/template": "^7.16.7",
+        "@babel/traverse": "^7.17.3",
+        "@babel/types": "^7.17.0",
+        "convert-source-map": "^1.7.0",
        "debug": "^4.1.0",
        "gensync": "^1.0.0-beta.2",
-        "json5": "^2.2.3",
-        "semver": "^6.3.1"
+        "json5": "^2.1.2",
+        "semver": "^6.3.0"
      },
      "dependencies": {
        "@babel/code-frame": {
-          "version": "7.29.7",
-          "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.29.7.tgz",
-          "integrity": "sha512-Aup7aUOfpbAUg2ROOJN6Iw5f9DMBlzu0mIkm/malLQFN/YQgO48wCj0Kxa3sEHJvPVFg7siR+qRInwXd2qhQKw==",
+          "version": "7.16.7",
+          "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.16.7.tgz",
+          "integrity": "sha512-iAXqUn8IIeBTNd72xsFlgaXHkMBMt6y4HJp1tIaK465CWLT/fG1aqB7ykr95gHHmlBdGbFeWWfyB4NJJ0nmeIg==",
          "requires": {
-            "@babel/helper-validator-identifier": "^7.29.7",
-            "js-tokens": "^4.0.0",
-            "picocolors": "^1.1.1"
+            "@babel/highlight": "^7.16.7"
          }
-        },
-        "@babel/helper-compilation-targets": {
-          "version": "7.29.7",
-          "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.29.7.tgz",
-          "integrity": "sha512-wem6WaBj4NaVYVdNhLPPVacES6ZJ+KBBfSkTMD3YZxbP3rm3Di85tJU5ljaUNhaOynt+Aj0xruhYuzQBt8n71g==",
-          "requires": {
-            "@babel/compat-data": "^7.29.7",
-            "@babel/helper-validator-option": "^7.29.7",
-            "browserslist": "^4.24.0",
-            "lru-cache": "^5.1.1",
-            "semver": "^6.3.1"
-          }
-        },
-        "@babel/helper-module-imports": {
-          "version": "7.29.7",
-          "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.29.7.tgz",
-          "integrity": "sha512-ejHwrQQYcm9xnTivShn2IDOlIzInN34AXskvq9QicvCtEzq1Vzclu/tKF8Jq1Cg8JG2GL6/EmjgsCT7lXepE3g==",
-          "requires": {
-            "@babel/traverse": "^7.29.7",
-            "@babel/types": "^7.29.7"
-          }
-        },
-        "@babel/helper-module-transforms": {
-          "version": "7.29.7",
-          "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.29.7.tgz",
-          "integrity": "sha512-UPUVSyXbOh627KiCIGQSgwWzGeBKLkaJ9PJEdrngIwMSzxLR4jS4+f1f1jb7VzBbg8nFLaYotvVPFCTqdrmTAg==",
-          "requires": {
-            "@babel/helper-module-imports": "^7.29.7",
-            "@babel/helper-validator-identifier": "^7.29.7",
-            "@babel/traverse": "^7.29.7"
-          }
-        },
-        "convert-source-map": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz",
-          "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg=="
-        },
-        "lru-cache": {
-          "version": "5.1.1",
-          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz",
-          "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==",
-          "requires": {
-            "yallist": "^3.0.2"
-          }
-        },
-        "yallist": {
-          "version": "3.1.1",
-          "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz",
-          "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g=="
        }
      }
    },
    "@babel/generator": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.29.7.tgz",
-      "integrity": "sha512-DkXD5OJQaAQIdZ1bt3UZdEnHAn9Imd3IVBdX03UFe+ony9Ojw5pzr9YVKGDY1jt+Gcn/FnGkNf8r+Vj5NOJWtQ==",
+      "version": "7.29.1",
+      "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.29.1.tgz",
+      "integrity": "sha512-qsaF+9Qcm2Qv8SRIMMscAvG4O3lJ0F1GuMo5HR/Bp02LopNgnZBC/EkbevHFeGs4ls/oPz9v+Bsmzbkbe+0dUw==",
      "requires": {
-        "@babel/parser": "^7.29.7",
-        "@babel/types": "^7.29.7",
+        "@babel/parser": "^7.29.0",
+        "@babel/types": "^7.29.0",
        "@jridgewell/gen-mapping": "^0.3.12",
        "@jridgewell/trace-mapping": "^0.3.28",
        "jsesc": "^3.0.2"
@@ -8996,7 +8859,6 @@
      "version": "7.21.4",
      "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.21.4.tgz",
      "integrity": "sha512-Fa0tTuOXZ1iL8IeDFUWCzjZcn+sJGd9RZdH9esYVjEejGmzf+FFYQpMi/kZUk2kPy/q1H3/GPw7np8qar/stfg==",
-      "peer": true,
      "requires": {
        "@babel/compat-data": "^7.21.4",
        "@babel/helper-validator-option": "^7.21.0",
@@ -9009,7 +8871,6 @@
          "version": "5.1.1",
          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz",
          "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==",
-          "peer": true,
          "requires": {
            "yallist": "^3.0.2"
          }
@@ -9017,8 +8878,7 @@
        "yallist": {
          "version": "3.1.1",
          "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz",
-          "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==",
-          "peer": true
+          "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g=="
        }
      }
    },
@@ -9088,9 +8948,9 @@
      }
    },
    "@babel/helper-globals": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/helper-globals/-/helper-globals-7.29.7.tgz",
-      "integrity": "sha512-3nQVUAtvkKH9zahfWgw96Jc/uFOmjACE1kQz82E2lqWmHBgjzbNlsC22nuQTfahmWeQtTq5nQ/4Nnd2A1wj4zA=="
+      "version": "7.28.0",
+      "resolved": "https://registry.npmjs.org/@babel/helper-globals/-/helper-globals-7.28.0.tgz",
+      "integrity": "sha512-+W6cISkXFa1jXsDEdYA8HeevQT/FULhxzR99pxphltZcVaugps53THCeiWA8SguxxpSp3gKPiuYfSWopkLQ4hw=="
    },
    "@babel/helper-member-expression-to-functions": {
      "version": "7.21.0",
@@ -9105,7 +8965,6 @@
      "version": "7.28.6",
      "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.28.6.tgz",
      "integrity": "sha512-l5XkZK7r7wa9LucGw9LwZyyCUscb4x37JWTPz7swwFE/0FMQAGpiWUZn8u9DzkSBWEcK25jmvubfpw2dnAMdbw==",
-      "peer": true,
      "requires": {
        "@babel/traverse": "^7.28.6",
        "@babel/types": "^7.28.6"
@@ -9115,7 +8974,6 @@
      "version": "7.28.6",
      "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.28.6.tgz",
      "integrity": "sha512-67oXFAYr2cDLDVGLXTEABjdBJZ6drElUSI7WKp70NrpyISso3plG9SAGEF6y7zbha/wOzUByWWTJvEDVNIUGcA==",
-      "peer": true,
      "requires": {
        "@babel/helper-module-imports": "^7.28.6",
        "@babel/helper-validator-identifier": "^7.28.5",
@@ -9191,19 +9049,19 @@
      }
    },
    "@babel/helper-string-parser": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.29.7.tgz",
-      "integrity": "sha512-Pb5ijPrZ89GDH8223L4UP8i6QApWxs04RbPQJTeWDV0/keR2E36MeKnyr6LYmUUvqRRI+Iv87SuF1W6ErINzYw=="
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz",
+      "integrity": "sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA=="
    },
    "@babel/helper-validator-identifier": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.29.7.tgz",
-      "integrity": "sha512-qehxGkRj55h/ff8EMaJ+cYhyaKlHIxqYDn682wQD7RNp9UujOQsHog2uS0r2vzr4pW+sXf90NeeayjcNaX3fFg=="
+      "version": "7.28.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.28.5.tgz",
+      "integrity": "sha512-qSs4ifwzKJSV39ucNjsvc6WVHs6b7S03sOh2OcHF9UHfVPqWWALUsNUVzhSBiItjRZoLHx7nIarVjqKVusUZ1Q=="
    },
    "@babel/helper-validator-option": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.29.7.tgz",
-      "integrity": "sha512-N9ZErrD+yW5geCDtBqnOoxmR8+tNKiGuxKlDpuJxfsqpa2dFcexaziGAE/qoHLiDDreVNMupxGmSoNlyvsA3gw=="
+      "version": "7.21.0",
+      "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.21.0.tgz",
+      "integrity": "sha512-rmL/B8/f0mKS2baE9ZpyTcTavvEuWhTTW8amjzXNvYG4AwBsqTLikfXsEofsJEfKHf+HQVQbFOHy6o+4cnC/fQ=="
    },
    "@babel/helper-wrap-function": {
      "version": "7.20.5",
@@ -9218,19 +9076,18 @@
      }
    },
    "@babel/helpers": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.29.7.tgz",
-      "integrity": "sha512-1k2lAGRMfHTcwuNYcCNUmaUffmQv8KWMfh2iJUUeRlwlwH4FdNG7mfPI10NPfLHJFThE4Tyr4mv7kTNZOiPuBg==",
+      "version": "7.26.10",
+      "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.10.tgz",
+      "integrity": "sha512-UPYc3SauzZ3JGgj87GgZ89JVdC5dj0AoetR5Bw6wj4niittNyFh6+eOGonYvJ1ao6B8lEa3Q3klS7ADZ53bc5g==",
      "requires": {
-        "@babel/template": "^7.29.7",
-        "@babel/types": "^7.29.7"
+        "@babel/template": "^7.26.9",
+        "@babel/types": "^7.26.10"
      }
    },
    "@babel/highlight": {
      "version": "7.22.20",
      "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz",
      "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==",
-      "peer": true,
      "requires": {
        "@babel/helper-validator-identifier": "^7.22.20",
        "chalk": "^2.4.2",
@@ -9238,11 +9095,11 @@
      }
    },
    "@babel/parser": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.29.7.tgz",
-      "integrity": "sha512-hnORnjP/1P/zFEndoeX+n+t1RwWRJiJpM/jO7FW32Kn9r5+sJB2JWOdYo4L6k78j15eCwY3Gm/7364B1EMwtNg==",
+      "version": "7.29.3",
+      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.29.3.tgz",
+      "integrity": "sha512-b3ctpQwp+PROvU/cttc4OYl4MzfJUWy6FZg+PMXfzmt/+39iHVF0sDfqay8TQM3JA2EUOyKcFZt75jWriQijsA==",
      "requires": {
-        "@babel/types": "^7.29.7"
+        "@babel/types": "^7.29.0"
      }
    },
    "@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression": {
@@ -9994,21 +9851,21 @@
      }
    },
    "@babel/template": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.29.7.tgz",
-      "integrity": "sha512-puq+Gf35oI24FeN11LkoUQFqv9uwNeWpxXZi/Ji3rRIoKAzKnxRaZ+Gkj0vKS9ZCiTESfng1N9LyOyXvo+m+Gg==",
+      "version": "7.28.6",
+      "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.28.6.tgz",
+      "integrity": "sha512-YA6Ma2KsCdGb+WC6UpBVFJGXL58MDA6oyONbjyF/+5sBgxY/dwkhLogbMT2GXXyU84/IhRw/2D1Os1B/giz+BQ==",
      "requires": {
-        "@babel/code-frame": "^7.29.7",
-        "@babel/parser": "^7.29.7",
-        "@babel/types": "^7.29.7"
+        "@babel/code-frame": "^7.28.6",
+        "@babel/parser": "^7.28.6",
+        "@babel/types": "^7.28.6"
      },
      "dependencies": {
        "@babel/code-frame": {
-          "version": "7.29.7",
-          "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.29.7.tgz",
-          "integrity": "sha512-Aup7aUOfpbAUg2ROOJN6Iw5f9DMBlzu0mIkm/malLQFN/YQgO48wCj0Kxa3sEHJvPVFg7siR+qRInwXd2qhQKw==",
+          "version": "7.29.0",
+          "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.29.0.tgz",
+          "integrity": "sha512-9NhCeYjq9+3uxgdtp20LSiJXJvN0FeCtNGpJxuMFZ1Kv3cWUNb6DOhJwUvcVCzKGR66cw4njwM6hrJLqgOwbcw==",
          "requires": {
-            "@babel/helper-validator-identifier": "^7.29.7",
+            "@babel/helper-validator-identifier": "^7.28.5",
            "js-tokens": "^4.0.0",
            "picocolors": "^1.1.1"
          }
@@ -10016,25 +9873,25 @@
      }
    },
    "@babel/traverse": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.29.7.tgz",
-      "integrity": "sha512-EhlfNQtZ+NK22w5BM61ciuiq1m58ed33Wr1Xan//ZRTy6hgjnwyCffRYwzsGXdASJSUJ1guZILsErh1eQcl+zw==",
+      "version": "7.29.0",
+      "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.29.0.tgz",
+      "integrity": "sha512-4HPiQr0X7+waHfyXPZpWPfWL/J7dcN1mx9gL6WdQVMbPnF3+ZhSMs8tCxN7oHddJE9fhNE7+lxdnlyemKfJRuA==",
      "requires": {
-        "@babel/code-frame": "^7.29.7",
-        "@babel/generator": "^7.29.7",
-        "@babel/helper-globals": "^7.29.7",
-        "@babel/parser": "^7.29.7",
-        "@babel/template": "^7.29.7",
-        "@babel/types": "^7.29.7",
+        "@babel/code-frame": "^7.29.0",
+        "@babel/generator": "^7.29.0",
+        "@babel/helper-globals": "^7.28.0",
+        "@babel/parser": "^7.29.0",
+        "@babel/template": "^7.28.6",
+        "@babel/types": "^7.29.0",
        "debug": "^4.3.1"
      },
      "dependencies": {
        "@babel/code-frame": {
-          "version": "7.29.7",
-          "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.29.7.tgz",
-          "integrity": "sha512-Aup7aUOfpbAUg2ROOJN6Iw5f9DMBlzu0mIkm/malLQFN/YQgO48wCj0Kxa3sEHJvPVFg7siR+qRInwXd2qhQKw==",
+          "version": "7.29.0",
+          "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.29.0.tgz",
+          "integrity": "sha512-9NhCeYjq9+3uxgdtp20LSiJXJvN0FeCtNGpJxuMFZ1Kv3cWUNb6DOhJwUvcVCzKGR66cw4njwM6hrJLqgOwbcw==",
          "requires": {
-            "@babel/helper-validator-identifier": "^7.29.7",
+            "@babel/helper-validator-identifier": "^7.28.5",
            "js-tokens": "^4.0.0",
            "picocolors": "^1.1.1"
          }
@@ -10042,12 +9899,12 @@
      }
    },
    "@babel/types": {
-      "version": "7.29.7",
-      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.29.7.tgz",
-      "integrity": "sha512-4zBIxpPzowiZpusoFkyGVwakdRJUyuH5PxQ/PrqghfdFWWasvnCdPfQXHrenDai+gyLARulZjZowCOj6fjT4pA==",
+      "version": "7.29.0",
+      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.29.0.tgz",
+      "integrity": "sha512-LwdZHpScM4Qz8Xw2iKSzS+cfglZzJGvofQICy7W7v4caru4EaAmyUuO6BGrbyQ2mYV11W0U8j5mBhd14dd3B0A==",
      "requires": {
-        "@babel/helper-string-parser": "^7.29.7",
-        "@babel/helper-validator-identifier": "^7.29.7"
+        "@babel/helper-string-parser": "^7.27.1",
+        "@babel/helper-validator-identifier": "^7.28.5"
      }
    },
    "@colors/colors": {
@@ -10369,7 +10226,7 @@
        "camelcase": "^5.3.1",
        "find-up": "^4.1.0",
        "get-package-type": "^0.1.0",
-        "js-yaml": "4.1.1",
+        "js-yaml": "^3.13.1",
        "resolve-from": "^5.0.0"
      },
      "dependencies": {
@@ -10379,8 +10236,7 @@
          "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q=="
        },
        "js-yaml": {
-          "version": "4.1.1",
-          "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
+          "version": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
          "integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==",
          "requires": {
            "argparse": "^2.0.1"
@@ -10402,15 +10258,6 @@
        "@jridgewell/trace-mapping": "^0.3.24"
      }
    },
-    "@jridgewell/remapping": {
-      "version": "2.3.5",
-      "resolved": "https://registry.npmjs.org/@jridgewell/remapping/-/remapping-2.3.5.tgz",
-      "integrity": "sha512-LI9u/+laYG4Ds1TDKSJW2YPrIlcVYOwi2fUC6xB43lueCjgxV4lffOCZCtYFiH6TNOX+tQKXx97T4IKHbhyHEQ==",
-      "requires": {
-        "@jridgewell/gen-mapping": "^0.3.5",
-        "@jridgewell/trace-mapping": "^0.3.24"
-      }
-    },
    "@jridgewell/resolve-uri": {
      "version": "3.1.0",
      "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz",
@@ -11470,7 +11317,6 @@
      "version": "2.4.2",
      "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
      "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
-      "peer": true,
      "requires": {
        "ansi-styles": "^3.2.1",
        "escape-string-regexp": "^1.0.5",
@@ -11481,7 +11327,6 @@
          "version": "3.2.1",
          "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
          "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
-          "peer": true,
          "requires": {
            "color-convert": "^1.9.0"
          }
@@ -11574,7 +11419,6 @@
      "version": "1.9.3",
      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
      "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
-      "peer": true,
      "requires": {
        "color-name": "1.1.3"
      }
@@ -11582,8 +11426,7 @@
    "color-name": {
      "version": "1.1.3",
      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
-      "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=",
-      "peer": true
+      "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
    },
    "colorette": {
      "version": "1.4.0",
@@ -12703,8 +12546,7 @@
    "has-flag": {
      "version": "3.0.0",
      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
-      "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=",
-      "peer": true
+      "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0="
    },
    "has-symbols": {
      "version": "1.1.0",
@@ -13030,7 +12872,7 @@
      "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-4.0.3.tgz",
      "integrity": "sha512-BXgQl9kf4WTCPCCpmFGoJkz/+uhvm7h7PFKUYxh7qarQd3ER33vHG//qaE8eN25l07YqZPpHXU9I09l/RD5aGQ==",
      "requires": {
-        "@babel/core": "^7.29.6",
+        "@babel/core": "^7.7.5",
        "@istanbuljs/schema": "^0.1.2",
        "istanbul-lib-coverage": "^3.0.0",
        "semver": "^6.3.0"
@@ -14738,7 +14580,6 @@
      "version": "5.5.0",
      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
      "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
-      "peer": true,
      "requires": {
        "has-flag": "^3.0.0"
      }
--- a/superset-frontend/cypress-base/package.json
+++ b/superset-frontend/cypress-base/package.json
@@ -34,7 +34,6 @@
    "tscw-config": "^1.1.2"
  },
  "overrides": {
-    "@babel/core": "^7.29.6",
    "cypress": {
      "form-data": "^2.3.4"
    },
--- a/superset-frontend/jest.config.js
+++ b/superset-frontend/jest.config.js
@@ -25,9 +25,6 @@ module.exports = {
    '\\.(css|less|geojson)$': '<rootDir>/spec/__mocks__/mockExportObject.js',
    '\\.(gif|ttf|eot|png|jpg)$': '<rootDir>/spec/__mocks__/mockExportString.js',
    '\\.svg$': '<rootDir>/spec/__mocks__/svgrMock.tsx',
-    // lodash-es is ESM (type: module) which jest.mock cannot intercept; alias to
-    // the CJS lodash build (identical API) so module mocks work in tests.
-    '^lodash-es$': '<rootDir>/node_modules/lodash',
    '^src/(.*)$': '<rootDir>/src/$1',
    '^spec/(.*)$': '<rootDir>/spec/$1',
    // mapping plugins of superset-ui to source code
--- a/superset-frontend/package-lock.json
+++ b/superset-frontend/package-lock.json
--- a/superset-frontend/package.json
+++ b/superset-frontend/package.json
@@ -192,13 +192,13 @@
    "json-bigint": "^1.0.0",
    "json-stringify-pretty-compact": "^4.0.0",
    "lodash": "^4.18.1",
-    "mapbox-gl": "^3.25.0",
+    "mapbox-gl": "^3.24.1",
    "markdown-to-jsx": "^9.8.2",
    "match-sorter": "^8.3.0",
    "memoize-one": "^6.0.0",
    "mousetrap": "^1.6.5",
    "mustache": "^4.2.0",
-    "nanoid": "^5.1.15",
+    "nanoid": "^5.1.11",
    "ol": "^10.9.0",
    "query-string": "9.4.0",
    "re-resizable": "^6.11.2",
@@ -237,10 +237,9 @@
    "use-event-callback": "^0.1.0",
    "use-immer": "^0.11.0",
    "use-query-params": "^2.2.2",
-    "uuid": "^14.0.1",
+    "uuid": "^14.0.0",
    "xlsx": "https://cdn.sheetjs.com/xlsx-0.20.3/xlsx-0.20.3.tgz",
-    "yargs": "^18.0.0",
-    "lodash-es": "^4.17.21"
+    "yargs": "^18.0.0"
  },
  "devDependencies": {
    "@babel/cli": "^7.29.7",
@@ -271,7 +270,7 @@
    "@storybook/test-runner": "0.24.4",
    "@svgr/webpack": "^8.1.0",
    "@swc/core": "^1.15.41",
-    "@swc/plugin-emotion": "^14.14.0",
+    "@swc/plugin-emotion": "^14.13.0",
    "@swc/plugin-transform-imports": "^12.5.0",
    "@testing-library/dom": "^9.3.4",
    "@testing-library/jest-dom": "^6.9.1",
@@ -284,7 +283,7 @@
    "@types/js-levenshtein": "^1.1.3",
    "@types/json-bigint": "^1.0.4",
    "@types/mousetrap": "^1.6.15",
-    "@types/node": "^26.0.0",
+    "@types/node": "^25.9.3",
    "@types/react": "^18.3.0",
    "@types/react-dom": "^18.3.0",
    "@types/react-loadable": "^5.5.11",
@@ -303,7 +302,8 @@
    "babel-loader": "^10.1.1",
    "babel-plugin-dynamic-import-node": "^2.3.3",
    "babel-plugin-jsx-remove-data-test-id": "^3.0.0",
-    "baseline-browser-mapping": "^2.10.38",
+    "babel-plugin-lodash": "^3.3.4",
+    "baseline-browser-mapping": "^2.10.37",
    "cheerio": "1.2.0",
    "concurrently": "^10.0.3",
    "copy-webpack-plugin": "^14.0.0",
@@ -350,7 +350,7 @@
    "process": "^0.11.10",
    "react-dnd-test-backend": "^16.0.1",
    "react-refresh": "^0.18.0",
-    "react-resizable": "^4.0.2",
+    "react-resizable": "^4.0.1",
    "redux-mock-store": "^1.5.4",
    "source-map": "^0.7.6",
    "source-map-support": "^0.5.21",
@@ -363,7 +363,7 @@
    "tscw-config": "^1.1.2",
    "tsx": "^4.22.4",
    "typescript": "5.4.5",
-    "unzipper": "^0.12.5",
+    "unzipper": "^0.12.3",
    "vm-browserify": "^1.1.2",
    "wait-on": "^9.0.10",
    "webpack": "^5.107.2",
@@ -372,8 +372,7 @@
    "webpack-dev-server": "^5.2.5",
    "webpack-manifest-plugin": "^6.0.1",
    "webpack-sources": "^3.5.0",
-    "webpack-visualizer-plugin2": "^2.0.0",
-    "@types/lodash-es": "^4.17.12"
+    "webpack-visualizer-plugin2": "^2.0.0"
  },
  "peerDependencies": {
    "ace-builds": "^1.41.0",
@@ -389,10 +388,6 @@
  "overrides": {
    "uuid": "$uuid",
    "core-js": "^3.38.1",
-    "dompurify": "^3.4.11",
-    "esbuild": "^0.28.1",
-    "http-proxy-middleware": "^2.0.10",
-    "tar": "^7.5.16",
    "puppeteer": "^22.4.1",
    "remark-gfm": "^3.0.1",
    "underscore": "^1.13.7",
--- a/superset-frontend/packages/superset-core/package.json
+++ b/superset-frontend/packages/superset-core/package.json
@@ -18,14 +18,6 @@
      "types": "./lib/authentication/index.d.ts",
      "default": "./lib/authentication/index.js"
    },
-    "./chat": {
-      "types": "./lib/chat/index.d.ts",
-      "default": "./lib/chat/index.js"
-    },
-    "./navigation": {
-      "types": "./lib/navigation/index.d.ts",
-      "default": "./lib/navigation/index.js"
-    },
    "./commands": {
      "types": "./lib/commands/index.d.ts",
      "default": "./lib/commands/index.js"
@@ -120,8 +112,5 @@
  },
  "publishConfig": {
    "access": "public"
-  },
-  "dependencies": {
-    "lodash-es": "^4.17.21"
  }
 }
--- a/superset-frontend/packages/superset-core/src/chat/index.ts
+++ b/superset-frontend/packages/superset-core/src/chat/index.ts
@@ -1,156 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-/**
- * @fileoverview Chat contribution API for Superset extensions.
- *
- * Chat is a dedicated contribution type: an extension registers
- * a chat via {@link registerChat} and the host owns where and how it is
- * mounted. The host applies singleton resolution — multiple chat extensions
- * may register, but exactly one is active at a time.
- *
- * @example
- * ```typescript
- * import { chat } from '@apache-superset/core';
- *
- * chat.registerChat(
- *   { id: 'acme.chat', name: 'Acme Chat' },
- *   AcmeTrigger,
- *   AcmePanel,
- * );
- * ```
- */
-
-import { ComponentType } from 'react';
-import type { Disposable, Event } from '../common';
-
-export interface Chat {
-  /** The unique identifier for the chat. */
-  id: string;
-  /** The display name of the chat. */
-  name: string;
-  /** Optional description of the chat. */
-  description?: string;
-}
-
-export type DisplayMode = 'floating' | 'panel';
-
-/**
- * Registers a chat provider. Only one chat is active at a time; the most
- * recently registered chat wins. Disposing the returned Disposable unregisters
- * the chat.
- *
- * @param chat The chat descriptor (id, name).
- * @param trigger The trigger component — the collapsed bubble entry point.
- *   Owns dynamic state such as unread counts.
- * @param panel The panel component, rendered in either display mode. In
- *   'floating' mode it appears as an overlay; in 'panel' mode it is docked
- *   alongside the main content.
- * @returns A Disposable that unregisters the chat when disposed.
- *
- * @example
- * ```typescript
- * chat.registerChat(
- *   { id: 'acme.chat', name: 'Acme Chat' },
- *   AcmeTrigger,
- *   AcmePanel,
- * );
- * ```
- */
-export declare function registerChat(
-  chat: Chat,
-  trigger: ComponentType,
-  panel: ComponentType,
-): Disposable;
-
-/**
- * Returns the active chat descriptor, or undefined if none is registered.
- */
-export declare function getChat(): Chat | undefined;
-
-/**
- * Event fired when a chat is registered.
- */
-export declare const onDidRegisterChat: Event<Chat>;
-
-/**
- * Event fired when a chat is unregistered.
- */
-export declare const onDidUnregisterChat: Event<Chat>;
-
-/**
- * Opens the active chat's panel.
- *
- * Acts on whichever chat is active, regardless of which extension calls it.
- * No-op when no chat is registered or the panel is already open.
- */
-export declare function open(): void;
-
-/**
- * Closes the active chat's panel.
- *
- * Acts on whichever chat is active, regardless of which extension calls it.
- * No-op when the panel is not open.
- */
-export declare function close(): void;
-
-/**
- * Returns whether the active chat's panel is currently open.
- */
-export declare function isOpen(): boolean;
-
-/**
- * Event fired when the chat panel opens. Also fired by the host's own
- * controls, not only by an extension's open() call.
- */
-export declare const onDidOpen: Event<void>;
-
-/**
- * Event fired when the chat panel closes, whether triggered by an extension
- * or by the host.
- */
-export declare const onDidClose: Event<void>;
-
-/**
- * Returns the current display mode.
- */
-export declare function getDisplayMode(): DisplayMode;
-
-/**
- * Sets the display mode. The mode is host-global and applies to whichever
- * chat is active. Use {@link onDidChangeDisplayMode} to observe all changes,
- * including those triggered by the host.
- */
-export declare function setDisplayMode(displayMode: DisplayMode): void;
-
-/**
- * Event fired when the display mode changes, whether triggered by an
- * extension via setDisplayMode() or by host-provided controls.
- */
-export declare const onDidChangeDisplayMode: Event<DisplayMode>;
-
-/**
- * Event fired when the panel is resized in panel mode. Not all hosts provide
- * a resizer — do not rely on this event firing.
- */
-export declare const onDidResizePanel: Event<{ width: number }>;
-
-// TODO: client actions API — tool availability functions will be added here
-// once the client_actions SIP is finalized. The chat namespace is the
-// intended integration point between the two SIPs.
--- a/superset-frontend/packages/superset-core/src/common/index.ts
+++ b/superset-frontend/packages/superset-core/src/common/index.ts
@@ -223,6 +223,8 @@ export interface Extension {
  dependencies: string[];
  /** Human-readable description of the extension */
  description: string;
+  /** List of other extensions that this extension depends on */
+  extensionDependencies: string[];
  /** Unique identifier for the extension */
  id: string;
  /** Human-readable name of the extension */
--- a/superset-frontend/packages/superset-core/src/contributions/index.ts
+++ b/superset-frontend/packages/superset-core/src/contributions/index.ts
@@ -23,10 +23,9 @@
 * This module defines the aggregate interfaces used by the extension.json
 * manifest and the `superset-extensions` build command. Individual metadata
 * types are defined in their respective namespace modules (commands, views,
- * menus, editors, chat) and re-exported here for the manifest schema.
+ * menus, editors) and re-exported here for the manifest schema.
 */

-import { Chat } from '../chat';
 import { Command } from '../commands';
 import { View } from '../views';
 import { Menu } from '../menus';
@@ -72,8 +71,7 @@ export interface MenuContributions {
 }

 /**
- * Aggregates all contributions (commands, menus, views, editors, and chat)
- * provided by an extension or module.
+ * Aggregates all contributions (commands, menus, views, and editors) provided by an extension or module.
 */
 export interface Contributions {
  /** List of commands. */
@@ -84,10 +82,4 @@ export interface Contributions {
  views: ViewContributions;
  /** List of editors. */
  editors?: Editor[];
-  /**
-   * The chat contributed by the extension — at most one per extension, since
-   * the host applies singleton resolution and renders exactly one active
-   * chat at a time.
-   */
-  chat?: Chat;
 }
--- a/superset-frontend/packages/superset-core/src/index.ts
+++ b/superset-frontend/packages/superset-core/src/index.ts
@@ -18,12 +18,10 @@
 */
 export * as common from './common';
 export * as authentication from './authentication';
-export * as chat from './chat';
 export * as commands from './commands';
 export * as editors from './editors';
 export * as extensions from './extensions';
 export * as menus from './menus';
-export * as navigation from './navigation';
 export * as sqlLab from './sqlLab';
 export * as views from './views';
 export * as contributions from './contributions';
--- a/superset-frontend/packages/superset-core/src/navigation/index.ts
+++ b/superset-frontend/packages/superset-core/src/navigation/index.ts
@@ -1,81 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-/**
- * @fileoverview Navigation namespace for Superset extensions.
- *
- * Exposes the current application surface so extensions can react to route
- * changes without polling. Entity-level context (chart, dashboard, dataset)
- * is intentionally not included here — surface-specific namespaces that
- * resolve entity payloads are introduced in later phases.
- */
-
-import { Event } from '../common';
-
-/**
- * The set of top-level application surfaces.
- *
- * `'explore'`, `'dashboard'` and `'dataset'` are the single-entity
- * editing/viewing surfaces. `'chart_list'`, `'dashboard_list'` and
- * `'dataset_list'` are the browse/list surfaces, distinct from those because no
- * single entity is active. `'sqllab'` is the SQL editor where
- * `sqlLab.getCurrentTab()` resolves; `'query_history'` and `'saved_queries'`
- * are the related SQL Lab browse pages, which are not the editor. `'home'` is
- * the welcome surface and the fallback for any route not explicitly enumerated.
- */
-export type Page =
-  | 'dashboard'
-  | 'dashboard_list'
-  | 'explore'
-  | 'chart_list'
-  | 'sqllab'
-  | 'query_history'
-  | 'saved_queries'
-  | 'dataset'
-  | 'dataset_list'
-  | 'home';
-
-/**
- * Returns the current page surface.
- *
- * @example
- * ```typescript
- * const page = navigation.getPage();
- * if (page === 'dashboard') {
- *   // react to being on a dashboard surface
- * }
- * ```
- */
-export declare function getPage(): Page;
-
-/**
- * Event fired whenever the user navigates to a different surface.
- *
- * @example
- * ```typescript
- * const sub = navigation.onDidChangePage(page => {
- *   if (page === 'dashboard') {
- *     // react to navigating onto a dashboard surface
- *   }
- * });
- * // later:
- * sub.dispose();
- * ```
- */
-export declare const onDidChangePage: Event<Page>;
--- a/superset-frontend/packages/superset-core/src/theme/Theme.tsx
+++ b/superset-frontend/packages/superset-core/src/theme/Theme.tsx
@@ -25,7 +25,7 @@ import {
  CacheProvider as EmotionCacheProvider,
 } from '@emotion/react';
 import createCache from '@emotion/cache';
-import { noop, mergeWith } from 'lodash-es';
+import { noop, mergeWith } from 'lodash';
 import { GlobalStyles } from './GlobalStyles';
 import {
  AntdThemeConfig,
--- a/superset-frontend/packages/superset-core/src/utils/isBlank.ts
+++ b/superset-frontend/packages/superset-core/src/utils/isBlank.ts
@@ -16,7 +16,7 @@
 * specific language governing permissions and limitations
 * under the License.
 */
-import { isEmpty, isNaN, isNil, isString, trim } from 'lodash-es';
+import { isEmpty, isNaN, isNil, isString, trim } from 'lodash';

 /**
 * Checks if a value is null, undefined, NaN, or a whitespace-only string.
--- a/superset-frontend/packages/superset-core/src/views/index.ts
+++ b/superset-frontend/packages/superset-core/src/views/index.ts
@@ -30,12 +30,12 @@
 *
 * views.registerView(
 *   { id: 'my_ext.result_stats', name: 'Result Stats', location: 'sqllab.panels' },
- *   ResultStatsPanel,
+ *   () => <ResultStatsPanel />,
 * );
 * ```
 */

-import { ComponentType } from 'react';
+import { ReactElement } from 'react';
 import { Disposable, Event } from '../common';

 /**
@@ -58,7 +58,7 @@ export interface View {
 *
 * @param view The view descriptor (id and name).
 * @param location The location where this view should appear (e.g. "sqllab.panels").
- * @param component The React component to render at that location.
+ * @param provider A function that returns the React element to render.
 * @returns A Disposable that unregisters the view when disposed.
 *
 * @example
@@ -66,14 +66,14 @@ export interface View {
 * views.registerView(
 *   { id: 'my_ext.result_stats', name: 'Result Stats' },
 *   'sqllab.panels',
- *   ResultStatsPanel,
+ *   () => <ResultStatsPanel />,
 * );
 * ```
 */
 export declare function registerView(
  view: View,
  location: string,
-  component: ComponentType,
+  provider: () => ReactElement,
 ): Disposable;

 /**
--- a/superset-frontend/packages/superset-ui-chart-controls/package.json
+++ b/superset-frontend/packages/superset-ui-chart-controls/package.json
@@ -27,8 +27,7 @@
    "@apache-superset/core": "*",
    "@types/react": "*",
    "lodash": "^4.18.1",
-    "tinycolor2": "*",
-    "lodash-es": "^4.17.21"
+    "tinycolor2": "*"
  },
  "peerDependencies": {
    "@ant-design/icons": "^5.6.1",
--- a/superset-frontend/packages/superset-ui-chart-controls/src/components/CertifiedIconWithTooltip.tsx
+++ b/superset-frontend/packages/superset-ui-chart-controls/src/components/CertifiedIconWithTooltip.tsx
@@ -16,7 +16,7 @@
 * specific language governing permissions and limitations
 * under the License.
 */
-import { kebabCase } from 'lodash-es';
+import { kebabCase } from 'lodash';
 import { t } from '@apache-superset/core/translation';
 import { useTheme, styled } from '@apache-superset/core/theme';
 import { Tooltip } from '@superset-ui/core/components';
--- a/superset-frontend/packages/superset-ui-chart-controls/src/operators/sortOperator.ts
+++ b/superset-frontend/packages/superset-ui-chart-controls/src/operators/sortOperator.ts
@@ -16,7 +16,7 @@
 * specific language governing permissions and limitationsxw
 * under the License.
 */
-import { isEmpty } from 'lodash-es';
+import { isEmpty } from 'lodash';
 import {
  ensureIsArray,
  getMetricLabel,
--- a/superset-frontend/packages/superset-ui-chart-controls/src/sections/advancedAnalytics.tsx
+++ b/superset-frontend/packages/superset-ui-chart-controls/src/sections/advancedAnalytics.tsx
@@ -132,26 +132,6 @@ export const advancedAnalyticsControls: ControlPanelSectionConfig = {
        },
      },
    ],
-    [
-      {
-        name: 'time_compare_full_range',
-        config: {
-          type: 'CheckboxControl',
-          label: t('Show full range for time shift'),
-          default: false,
-          description: t(
-            'Plot each time-shifted series across its full time range instead ' +
-              'of truncating it to the main series. Useful for comparing a ' +
-              'partial current period (e.g. today so far) against complete ' +
-              'prior periods (e.g. all of yesterday).',
-          ),
-          visibility: ({ controls }) =>
-            Boolean(controls?.time_compare?.value) &&
-            (!Array.isArray(controls?.time_compare?.value) ||
-              controls.time_compare.value.length > 0),
-        },
-      },
-    ],
    [
      {
        name: 'comparison_type',
--- a/superset-frontend/packages/superset-ui-chart-controls/src/shared-controls/components/RadioButtonControl.tsx
+++ b/superset-frontend/packages/superset-ui-chart-controls/src/shared-controls/components/RadioButtonControl.tsx
@@ -60,7 +60,7 @@ export default function RadioButtonControl({
  ...props
 }: RadioButtonControlProps) {
  const normalizedOptions = options.map(normalizeOption);
-  const currentValue = initialValue ?? normalizedOptions[0]?.value;
+  const currentValue = initialValue || normalizedOptions[0].value;

  return (
    <div>
--- a/superset-frontend/packages/superset-ui-chart-controls/src/shared-controls/sharedControls.tsx
+++ b/superset-frontend/packages/superset-ui-chart-controls/src/shared-controls/sharedControls.tsx
@@ -32,7 +32,7 @@
 * here's a list of the keys that are common to all controls, and as a result define the
 * control interface.
 */
-import { isEmpty } from 'lodash-es';
+import { isEmpty } from 'lodash';
 import { t } from '@apache-superset/core/translation';
 import {
  getCategoricalSchemeRegistry,
--- a/superset-frontend/packages/superset-ui-chart-controls/src/utils/getColorFormatters.ts
+++ b/superset-frontend/packages/superset-ui-chart-controls/src/utils/getColorFormatters.ts
@@ -17,7 +17,7 @@
 * under the License.
 */
 import memoizeOne from 'memoize-one';
-import { isString, isBoolean } from 'lodash-es';
+import { isString, isBoolean } from 'lodash';
 import { isBlank } from '@apache-superset/core/utils';
 import { addAlpha, DataRecord } from '@superset-ui/core';
 import tinycolor from 'tinycolor2';
--- a/superset-frontend/packages/superset-ui-chart-controls/test/operators/histogramOperator.test.ts
+++ b/superset-frontend/packages/superset-ui-chart-controls/test/operators/histogramOperator.test.ts
@@ -18,7 +18,7 @@
 */
 import { histogramOperator } from '@superset-ui/chart-controls';
 import { SqlaFormData, VizType } from '@superset-ui/core';
-import { omit } from 'lodash-es';
+import { omit } from 'lodash';

 const formData: SqlaFormData = {
  bins: 5,
--- a/superset-frontend/packages/superset-ui-chart-controls/test/shared-controls/components/RadioButtonControl.test.tsx
+++ b/superset-frontend/packages/superset-ui-chart-controls/test/shared-controls/components/RadioButtonControl.test.tsx
@@ -359,51 +359,6 @@ test('handles empty options array gracefully', () => {
  expect(container.querySelector('[role="tablist"]')).toBeInTheDocument();
 });

-test('currentValue is undefined when options are empty and no value is provided', () => {
-  expect(() => setup({ options: [] })).not.toThrow();
-  const { container } = setup({ options: [] });
-  expect(container.querySelectorAll('[id^="tab-"]').length).toBe(0);
-});
-
-test('preserves falsy numeric value 0 instead of falling back to first option', () => {
-  const { container } = setup({
-    options: [
-      [0, 'Zero'],
-      [1, 'One'],
-      [2, 'Two'],
-    ],
-    value: 0,
-  });
-
-  expect(container.querySelector('#tab-0')).toHaveAttribute(
-    'aria-selected',
-    'true',
-  );
-  expect(container.querySelector('#tab-1')).toHaveAttribute(
-    'aria-selected',
-    'false',
-  );
-});
-
-test('preserves falsy boolean value false instead of falling back to first option', () => {
-  const { container } = setup({
-    options: [
-      [true, 'True'],
-      [false, 'False'],
-    ],
-    value: false,
-  });
-
-  expect(container.querySelector('#tab-true')).toHaveAttribute(
-    'aria-selected',
-    'false',
-  );
-  expect(container.querySelector('#tab-false')).toHaveAttribute(
-    'aria-selected',
-    'true',
-  );
-});
-
 test('renders with hovered prop', () => {
  const { container } = setup({
    label: 'Test',
--- a/superset-frontend/packages/superset-ui-core/package.json
+++ b/superset-frontend/packages/superset-ui-core/package.json
@@ -52,7 +52,7 @@
    "parse-ms": "^4.0.0",
    "re-resizable": "^6.11.2",
    "react-ace": "^14.0.1",
-    "react-draggable": "^4.7.0",
+    "react-draggable": "^4.6.0",
    "react-error-boundary": "6.0.0",
    "react-js-cron": "^5.2.0",
    "react-markdown": "^8.0.7",
@@ -66,8 +66,7 @@
    "reselect": "^5.2.0",
    "rison": "^0.1.1",
    "seedrandom": "^3.0.5",
-    "xss": "^1.0.15",
-    "lodash-es": "^4.17.21"
+    "xss": "^1.0.15"
  },
  "devDependencies": {
    "@emotion/styled": "^11.14.1",
@@ -78,7 +77,7 @@
    "@types/d3-time-format": "^4.0.3",
    "@types/jquery": "^4.0.1",
    "@types/lodash": "^4.17.24",
-    "@types/node": "^26.0.0",
+    "@types/node": "^25.9.3",
    "@types/prop-types": "^15.7.15",
    "@types/react-syntax-highlighter": "^15.5.13",
    "@types/react-table": "^7.7.20",
@@ -86,7 +85,7 @@
    "@types/seedrandom": "^3.0.8",
    "fetch-mock": "^12.6.0",
    "resize-observer-polyfill": "1.5.1",
-    "timezone-mock": "^1.4.3"
+    "timezone-mock": "^1.4.2"
  },
  "peerDependencies": {
    "@emotion/cache": "^11.4.0",
--- a/superset-frontend/packages/superset-ui-core/src/color/CategoricalColorNamespace.ts
+++ b/superset-frontend/packages/superset-ui-core/src/color/CategoricalColorNamespace.ts
@@ -17,7 +17,7 @@
 * under the License.
 */

-import { cloneDeep } from 'lodash-es';
+import { cloneDeep } from 'lodash';
 import CategoricalColorScale from './CategoricalColorScale';
 import { ColorsLookup } from './types';
 import getCategoricalSchemeRegistry from './CategoricalSchemeRegistrySingleton';
--- a/superset-frontend/packages/superset-ui-core/src/components/DropdownButton/index.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/DropdownButton/index.tsx
@@ -17,7 +17,7 @@
 * under the License.
 */
 import { Dropdown } from 'antd';
-import { kebabCase } from 'lodash-es';
+import { kebabCase } from 'lodash';
 import { css, useTheme } from '@apache-superset/core/theme';
 import { Tooltip } from '../Tooltip';
 import type { DropdownButtonProps } from './types';
--- a/superset-frontend/packages/superset-ui-core/src/components/DropdownContainer/DropdownContainer.stories.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/DropdownContainer/DropdownContainer.stories.tsx
@@ -17,7 +17,7 @@
 * under the License.
 */
 import { useRef, useCallback, useState } from 'react';
-import { isEqual } from 'lodash-es';
+import { isEqual } from 'lodash';
 import { css } from '@apache-superset/core/theme';
 import { Button } from '../Button';
 import { Select } from '../Select';
--- a/superset-frontend/packages/superset-ui-core/src/components/IconTooltip/index.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/IconTooltip/index.tsx
@@ -45,7 +45,6 @@ export const IconTooltip = forwardRef<HTMLElement, IconTooltipProps>(
        }}
        buttonStyle="link"
        className={`IconTooltip ${className}`}
-        aria-label={tooltip ?? undefined}
      >
        {children}
      </Button>
--- a/superset-frontend/packages/superset-ui-core/src/components/InfoTooltip/index.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/InfoTooltip/index.tsx
@@ -18,7 +18,7 @@
 */
 import { KeyboardEvent, useMemo } from 'react';
 import { SerializedStyles, CSSObject } from '@emotion/react';
-import { kebabCase } from 'lodash-es';
+import { kebabCase } from 'lodash';
 import { t } from '@apache-superset/core/translation';
 import { css, useTheme, getFontSize } from '@apache-superset/core/theme';
 import {
--- a/superset-frontend/packages/superset-ui-core/src/components/MetadataBar/MetadataBar.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/MetadataBar/MetadataBar.tsx
@@ -18,7 +18,7 @@
 */
 import { useCallback, useEffect, useRef, useState } from 'react';
 import { useResizeDetector } from 'react-resize-detector';
-import { uniqWith } from 'lodash-es';
+import { uniqWith } from 'lodash';
 import { styled } from '@apache-superset/core/theme';
 import { Tooltip } from '../Tooltip';
 import { TooltipPlacement } from '../Tooltip/types';
--- a/superset-frontend/packages/superset-ui-core/src/components/Modal/Modal.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/Modal/Modal.tsx
@@ -24,7 +24,7 @@ import {
  useState,
  type ComponentType,
 } from 'react';
-import { isNil } from 'lodash-es';
+import { isNil } from 'lodash';
 import { t } from '@apache-superset/core/translation';
 import { css, styled, useTheme } from '@apache-superset/core/theme';
 import { Modal as AntdModal, ModalProps as AntdModalProps } from 'antd';
--- a/superset-frontend/packages/superset-ui-core/src/components/ModalTrigger/index.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/ModalTrigger/index.tsx
@@ -24,10 +24,7 @@ import { Modal } from '../Modal';
 export interface ModalTriggerProps {
  dialogClassName?: string;
  triggerNode: ReactNode;
-  // Accept ReactNode so callers can pass rich titles (e.g. a full
-  // <ControlHeader> with description tooltip + validation badges +
-  // warning icons). String remains valid for the common case.
-  modalTitle?: ReactNode;
+  modalTitle?: string;
  modalBody?: ReactNode; // not required because it can be generated by beforeOpen
  modalFooter?: ReactNode;
  beforeOpen?: Function;
@@ -113,9 +110,7 @@ export const ModalTrigger = forwardRef(
          className={className}
          show={showModal}
          onHide={close}
-          // `name` is used for data-test / telemetry and must be a string;
-          // `title` accepts arbitrary ReactNode for rich rendering.
-          name={typeof modalTitle === 'string' ? modalTitle : undefined}
+          name={modalTitle}
          title={modalTitle}
          footer={modalFooter}
          hideFooter={!modalFooter}
--- a/superset-frontend/packages/superset-ui-core/src/components/SafeMarkdown/SafeMarkdown.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/SafeMarkdown/SafeMarkdown.tsx
@@ -22,7 +22,7 @@ import rehypeSanitize, { defaultSchema } from 'rehype-sanitize';
 // remark-gfm v4+ requires react-markdown v9+, which requires React 18.
 // Currently pinned to v3.0.1 for compatibility with react-markdown v8 and React 17.
 import remarkGfm from 'remark-gfm';
-import { cloneDeep, mergeWith } from 'lodash-es';
+import { mergeWith } from 'lodash';
 import { FeatureFlag, isFeatureEnabled } from '../../utils';

 interface SafeMarkdownProps {
@@ -85,15 +85,8 @@ export function getOverrideHtmlSchema(
  originalSchema: typeof defaultSchema,
  htmlSchemaOverrides: SafeMarkdownProps['htmlSchemaOverrides'],
 ) {
-  // Merge into a fresh clone: mergeWith mutates its first argument, and the
-  // array customizer concatenates, so merging into the shared defaultSchema
-  // import would progressively widen the sanitization allowlist for every
-  // SafeMarkdown instance app-wide.
-  return mergeWith(
-    cloneDeep(originalSchema),
-    htmlSchemaOverrides,
-    (objValue, srcValue) =>
-      Array.isArray(objValue) ? objValue.concat(srcValue) : undefined,
+  return mergeWith(originalSchema, htmlSchemaOverrides, (objValue, srcValue) =>
+    Array.isArray(objValue) ? objValue.concat(srcValue) : undefined,
  );
 }

--- a/superset-frontend/packages/superset-ui-core/src/components/Select/AsyncSelect.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/Select/AsyncSelect.tsx
@@ -41,7 +41,7 @@ import {
  LabeledValue as AntdLabeledValue,
  RefSelectProps,
 } from 'antd/es/select';
-import { debounce, isEqual, uniq } from 'lodash-es';
+import { debounce, isEqual, uniq } from 'lodash';
 import { Constants, Icons } from '@superset-ui/core/components';
 import { Space } from '../Space';
 import {
@@ -113,7 +113,7 @@ const AsyncSelect = forwardRef(
      allowClear,
      allowNewOptions = false,
      ariaLabel,
-      autoClearSearchValue = true,
+      autoClearSearchValue = false,
      fetchOnlyOnSearch,
      filterOption = true,
      header = null,
@@ -267,12 +267,6 @@ const AsyncSelect = forwardRef(
        });
        fireOnChange();
      }
-      if (autoClearSearchValue) {
-        setInputValue('');
-        if (fetchOnlyOnSearch) {
-          setSelectOptions([]);
-        }
-      }
      onSelect?.(selectedItem, option);
    };

--- a/superset-frontend/packages/superset-ui-core/src/components/Select/Select.stories.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/Select/Select.stories.tsx
@@ -404,7 +404,7 @@ AdvancedPlayground.args = {
  autoFocus: true,
  allowNewOptions: false,
  allowClear: false,
-  autoClearSearchValue: true,
+  autoClearSearchValue: false,
  allowSelectAll: true,
  disabled: false,
  invertSelection: false,
--- a/superset-frontend/packages/superset-ui-core/src/components/Select/Select.test.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/Select/Select.test.tsx
@@ -1146,127 +1146,6 @@ test('pasting an non-existent option should not add it if allowNewOptions is fal
  expect(await findAllSelectOptions()).toHaveLength(0);
 });

-// Reference for the bug this tests: https://github.com/apache/superset/issues/32645
-// Dashboard filters with "Dynamically search all filter values" only load a
-// page of options client-side, so a pasted value outside that page used to be
-// silently dropped. allowNewOptionsOnPaste keeps such values so the filter can
-// still apply them.
-test('keeps pasted values outside loaded options when allowNewOptionsOnPaste is true', async () => {
-  const onChange = jest.fn();
-  render(
-    <Select
-      {...defaultProps}
-      mode="multiple"
-      allowNewOptions={false}
-      allowNewOptionsOnPaste
-      onChange={onChange}
-    />,
-  );
-  const input = getElementByClassName('.ant-select-selection-search-input');
-  const paste = createEvent.paste(input, {
-    clipboardData: {
-      // Liam is a loaded option; OutsideValue is not in the loaded page.
-      getData: () => 'Liam,OutsideValue',
-    },
-  });
-  fireEvent(input, paste);
-  await waitFor(() => {
-    const values = [
-      ...getElementsByClassName('.ant-select-selection-item'),
-    ].map(value => value.textContent);
-    // The paste handler appends, so the loaded option resolves first.
-    expect(values).toEqual(['Liam', 'OutsideValue']);
-  });
-  // Assert the unloaded value actually reaches the change handler (the value
-  // that gets applied to the filter query), not just the rendered label.
-  expect(onChange).toHaveBeenCalledWith(
-    expect.arrayContaining([
-      expect.objectContaining({ value: 'OutsideValue' }),
-    ]),
-    expect.anything(),
-  );
-});
-
-test('trims whitespace around pasted comma-separated values', async () => {
-  const onChange = jest.fn();
-  render(
-    <Select
-      {...defaultProps}
-      mode="multiple"
-      allowNewOptions={false}
-      allowNewOptionsOnPaste
-      onChange={onChange}
-    />,
-  );
-  const input = getElementByClassName('.ant-select-selection-search-input');
-  const paste = createEvent.paste(input, {
-    clipboardData: {
-      // Note the space after the comma — it must not leak into the value.
-      getData: () => 'Liam, OutsideValue',
-    },
-  });
-  fireEvent(input, paste);
-  await waitFor(() => {
-    const values = [
-      ...getElementsByClassName('.ant-select-selection-item'),
-    ].map(value => value.textContent);
-    expect(values).toEqual(['Liam', 'OutsideValue']);
-  });
-  expect(onChange).toHaveBeenCalledWith(
-    expect.arrayContaining([
-      expect.objectContaining({ value: 'OutsideValue' }),
-    ]),
-    expect.anything(),
-  );
-});
-
-test('does not create an empty option when pasting blank text', async () => {
-  const onChange = jest.fn();
-  render(
-    <Select
-      {...defaultProps}
-      mode="multiple"
-      allowNewOptions={false}
-      allowNewOptionsOnPaste
-      onChange={onChange}
-    />,
-  );
-  const input = getElementByClassName('.ant-select-selection-search-input');
-  const paste = createEvent.paste(input, {
-    clipboardData: {
-      getData: () => '   ',
-    },
-  });
-  fireEvent(input, paste);
-  await waitFor(() => {
-    const values = [
-      ...getElementsByClassName('.ant-select-selection-item'),
-    ].map(value => value.textContent);
-    expect(values).toEqual([]);
-  });
-  // No empty-string value should ever reach the handler.
-  onChange.mock.calls.forEach(([value]) => {
-    expect(value).not.toContain('');
-  });
-});
-
-test('drops pasted values outside loaded options when allowNewOptionsOnPaste is false', async () => {
-  render(<Select {...defaultProps} mode="multiple" allowNewOptions={false} />);
-  const input = getElementByClassName('.ant-select-selection-search-input');
-  const paste = createEvent.paste(input, {
-    clipboardData: {
-      getData: () => 'Liam,OutsideValue',
-    },
-  });
-  fireEvent(input, paste);
-  await waitFor(() => {
-    const values = [
-      ...getElementsByClassName('.ant-select-selection-item'),
-    ].map(value => value.textContent);
-    expect(values).toEqual(['Liam']);
-  });
-});
-
 test('does not fire onChange if the same value is selected in single mode', async () => {
  const onChange = jest.fn();
  render(<Select {...defaultProps} onChange={onChange} />);
--- a/superset-frontend/packages/superset-ui-core/src/components/Select/Select.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/Select/Select.tsx
@@ -37,7 +37,7 @@ import {
  LabeledValue as AntdLabeledValue,
  RefSelectProps,
 } from 'antd/es/select';
-import { debounce, isEqual, uniq } from 'lodash-es';
+import { debounce, isEqual, uniq } from 'lodash';
 import {
  dropDownRenderHelper,
  getOption,
@@ -91,10 +91,9 @@ const Select = forwardRef(
      className,
      allowClear,
      allowNewOptions = false,
-      allowNewOptionsOnPaste = false,
      allowSelectAll = true,
      ariaLabel,
-      autoClearSearchValue = true,
+      autoClearSearchValue = false,
      filterOption = true,
      header = null,
      headerPosition = 'top',
@@ -334,11 +333,6 @@ const Select = forwardRef(
        });
        fireOnChange();
      }
-      if (autoClearSearchValue) {
-        setInputValue('');
-        setIsSearching(false);
-        setVisibleOptions(fullSelectOptions);
-      }
      onSelect?.(selectedItem, option);
    };

@@ -698,34 +692,20 @@ const Select = forwardRef(
        }
      } else {
        const token = tokenSeparators.find(token => pastedText.includes(token));
-        const array = token
-          ? uniq(
-              pastedText
-                .split(token)
-                .map(item => item.trim())
-                .filter(Boolean),
-            )
-          : [pastedText.trim()].filter(Boolean);
+        const array = token ? uniq(pastedText.split(token)) : [pastedText];

        const newOptions: SelectOptionsType = [];
-        // When `allowNewOptionsOnPaste` is set, accept pasted values that are
-        // not in the loaded options even if `allowNewOptions` is false. The
-        // full option set is searched server-side and only partially loaded
-        // client-side, so a pasted value can legitimately exist in the dataset
-        // but fall outside the loaded page.
-        const keepUnknownValues = allowNewOptions || allowNewOptionsOnPaste;

        const values = array
          .map(item => {
            const option = getOption(item, fullSelectOptions, true);
-            if (!option && keepUnknownValues) {
+            if (!option && allowNewOptions) {
              const newOption = {
                label: item,
                value: item,
                isNewOption: true,
              };
              newOptions.push(newOption);
-              return labelInValue ? { label: item, value: item } : item;
            }
            return getPastedTextValue(item);
          })
--- a/superset-frontend/packages/superset-ui-core/src/components/Select/types.ts
+++ b/superset-frontend/packages/superset-ui-core/src/components/Select/types.ts
@@ -88,18 +88,6 @@ export interface BaseSelectProps extends AntdExposedProps {
   * False by default.
   * */
  allowNewOptions?: boolean;
-  /**
-   * Accept values pasted into the Select even when they are not part of the
-   * currently loaded options and `allowNewOptions` is false. Useful for
-   * selects whose full option set is searched server-side and only partially
-   * loaded on the client (e.g. dashboard filters with "Dynamically search all
-   * filter values"), where a pasted value can legitimately exist in the
-   * dataset but fall outside the loaded page.
-   * Only applies to multi-select paste; single-select paste resolves through
-   * `allowNewOptions` and ignores this flag.
-   * False by default.
-   * */
-  allowNewOptionsOnPaste?: boolean;
  /**
   * It adds the aria-label tag for accessibility standards.
   * Must be plain English and localized.
--- a/superset-frontend/packages/superset-ui-core/src/components/TableView/TableView.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/TableView/TableView.tsx
@@ -17,7 +17,7 @@
 * under the License.
 */
 import { memo, useEffect, useRef, useMemo, useCallback, useState } from 'react';
-import { isEqual } from 'lodash-es';
+import { isEqual } from 'lodash';
 import { styled } from '@apache-superset/core/theme';
 import { useFilters, useSortBy, useTable } from 'react-table';
 import { Empty } from '@superset-ui/core/components';
--- a/superset-frontend/packages/superset-ui-core/src/components/TelemetryPixel/TelemetryPixel.test.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/TelemetryPixel/TelemetryPixel.test.tsx
@@ -33,15 +33,10 @@ test('should render', () => {

 test('should render the pixel link when FF is on', () => {
  process.env.SCARF_ANALYTICS = 'true';
-  render(<TelemetryPixel version="1.2.3" sha="abc" build="42" />);
+  render(<TelemetryPixel />);

-  // Hits Scarf's static pixel directly, not the gateway redirect that browsers flag
-  const image = document.querySelector('img[src^="https://static.scarf.sh/"]');
+  const image = document.querySelector('img[src*="scarf.sh"]');
  expect(image).toBeInTheDocument();
-  expect(image?.getAttribute('src')).toContain('version=1.2.3');
-  expect(image?.getAttribute('src')).toContain('sha=abc');
-  expect(image?.getAttribute('src')).toContain('build=42');
-  expect(document.querySelector('img[src*="gateway.scarf.sh"]')).toBeNull();
 });

 test('should NOT render the pixel link when FF is off', () => {
@@ -51,19 +46,3 @@ test('should NOT render the pixel link when FF is off', () => {
  const image = document.querySelector('img[src*="scarf.sh"]');
  expect(image).not.toBeInTheDocument();
 });
-
-test('should NOT render the pixel link when disabled at runtime', () => {
-  process.env.SCARF_ANALYTICS = 'true';
-  render(<TelemetryPixel enabled={false} />);
-
-  const image = document.querySelector('img[src*="scarf.sh"]');
-  expect(image).not.toBeInTheDocument();
-});
-
-test('should render the pixel link when enabled at runtime', () => {
-  process.env.SCARF_ANALYTICS = 'true';
-  render(<TelemetryPixel enabled />);
-
-  const image = document.querySelector('img[src*="scarf.sh"]');
-  expect(image).toBeInTheDocument();
-});
--- a/superset-frontend/packages/superset-ui-core/src/components/TelemetryPixel/index.tsx
+++ b/superset-frontend/packages/superset-ui-core/src/components/TelemetryPixel/index.tsx
@@ -23,25 +23,17 @@ interface TelemetryPixelProps {
  version?: string;
  sha?: string;
  build?: string;
-  enabled?: boolean;
 }

 /**
 * Renders a telemetry pixel component to capture anonymous, aggregated telemetry via Scarf.
- *
- * Telemetry can be disabled in two ways:
- * - At build time, by setting the SCARF_ANALYTICS environment variable to `false`
- *   (inlined by webpack; only effective when building the frontend yourself).
- * - At runtime, by passing `enabled={false}`, which the app derives from the
- *   `SCARF_ANALYTICS` backend config exposed via the bootstrap payload. This is
- *   what allows opting out in pre-built images, where the build-time flag is fixed.
+ * This can be disabled by setting the SCARF_ANALYTICS environment variable to false.
 *
 * @component
 * @param {TelemetryPixelProps} props - The props for the TelemetryPixel component.
 * @param {string} props.version - The version of  Superset that's currently in use.
 * @param {string} props.sha - The SHA of Superset that's currently in use.
 * @param {string} props.build - The build of Superset that's currently in use.
- * @param {boolean} props.enabled - Runtime opt-out switch; when false the pixel is not rendered.
 * @returns {JSX.Element | null} The rendered TelemetryPixel component.
 */

@@ -51,18 +43,9 @@ export const TelemetryPixel = ({
  version = 'unknownVersion',
  sha = 'unknownSHA',
  build = 'unknownBuild',
-  enabled = true,
 }: TelemetryPixelProps): ReactElement | null => {
-  // Use Scarf's native static pixel directly rather than the gateway redirect
-  // (apachesuperset.gateway.scarf.sh), which some browsers/extensions flag as a
-  // tracking redirect. The gateway route forwards to this same static endpoint.
-  const pixelPath =
-    `https://static.scarf.sh/a.png?x-pxid=${PIXEL_ID}` +
-    `&version=${encodeURIComponent(version)}` +
-    `&sha=${encodeURIComponent(sha)}` +
-    `&build=${encodeURIComponent(build)}`;
-  const disabled = !enabled || process.env.SCARF_ANALYTICS === 'false';
-  return disabled ? null : (
+  const pixelPath = `https://apachesuperset.gateway.scarf.sh/pixel/${PIXEL_ID}/${version}/${sha}/${build}`;
+  return process.env.SCARF_ANALYTICS === 'false' ? null : (
    <img
      referrerPolicy="no-referrer-when-downgrade"
      src={pixelPath}
--- a/superset-frontend/packages/superset-ui-core/src/connection/SupersetClient.ts
+++ b/superset-frontend/packages/superset-ui-core/src/connection/SupersetClient.ts
@@ -52,7 +52,6 @@ const SupersetClient: SupersetClientInterface = {
  request: request => getInstance().request(request),
  getCSRFToken: () => getInstance().getCSRFToken(),
  getUrl: (...args) => getInstance().getUrl(...args),
-  postBlob: (endpoint, payload) => getInstance().postBlob(endpoint, payload),
  get guestTokenHeaderName() {
    try {
      return getInstance().guestTokenHeaderName;
--- a/Show More
+++ b/Show More