mirror of
https://github.com/apache/superset.git
synced 2026-05-25 09:45:18 +00:00
7fbea466c9
- Add maintainer authorization check to prevent unauthorized workflow execution - Validate SHA input format to prevent injection attacks - Add 90-minute timeout protection against runaway jobs - Implement automatic blocking for PR synchronize events when Showtime is active - Add unlabeled trigger support for proper label removal handling - Preserve local customizations (install-docker-compose: false, upgrade flag) Security improvements protect against arbitrary code execution while maintaining workflow_dispatch convenience for authorized maintainers. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>