mirror of
https://github.com/apache/superset.git
synced 2026-05-07 17:04:58 +00:00
fe86c5c5bf
`superset import_datasources` (and the v0 dispatcher path used by `superset import_datasources` for plain-YAML files) imported `databases.sqlalchemy_uri` via the model's raw `import_from_dict`, which uses `setattr` and never extracts the password. The result was a clear-text password sitting in `dbs.sqlalchemy_uri` and a `NULL` `password` column — the opposite of how the web UI stores it. Re-apply the URI through `set_sqlalchemy_uri` after the import so the password is encrypted into the `password` column and the stored URI is masked, matching the web-UI/v1-importer behavior. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>