You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by vi...@apache.org on 2020/09/05 13:55:23 UTC
[incubator-superset] branch 0.37 updated (6d07273 -> a72903c)
This is an automated email from the ASF dual-hosted git repository.
villebro pushed a change to branch 0.37
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git.
from 6d07273 fix: excel sheet upload is not working (#10450)
add 0dbc1db add changelog entries
new a72903c security: disallow uuid package on jinja1 (#10794)
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
CHANGELOG.md | 8 ++++++++
UPDATING.md | 4 ++++
docs/sqllab.rst | 5 ++++-
setup.cfg | 2 +-
superset/extensions.py | 5 ++++-
5 files changed, 21 insertions(+), 3 deletions(-)
[incubator-superset] 01/01: security: disallow uuid package on
jinja1 (#10794)
Posted by vi...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
villebro pushed a commit to branch 0.37
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git
commit a72903cb929c55642b22895dc11999495605a6fe
Author: Daniel Vaz Gaspar <da...@gmail.com>
AuthorDate: Fri Sep 4 16:37:14 2020 +0100
security: disallow uuid package on jinja1 (#10794)
* fix: disallow uuid package on jinja2
* update UPDATING.md
* Update UPDATING.md
Co-authored-by: Ville Brofeldt <33...@users.noreply.github.com>
Co-authored-by: Ville Brofeldt <33...@users.noreply.github.com>
---
UPDATING.md | 4 ++++
docs/sqllab.rst | 5 ++++-
setup.cfg | 2 +-
superset/extensions.py | 5 ++++-
4 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/UPDATING.md b/UPDATING.md
index 3755694..2a6dcb8 100644
--- a/UPDATING.md
+++ b/UPDATING.md
@@ -21,6 +21,10 @@ under the License.
This file documents any backwards-incompatible changes in Superset and
assists people when migrating to a new version.
+## 0.37.1
+
+* [10794](https://github.com/apache/incubator-superset/pull/10794): Breaking change: `uuid` python package is not supported on Jinja2 anymore, only uuid functions are exposed eg: `uuid1`, `uuid3`, `uuid4`, `uuid5`.
+
## 0.37.0
* [9964](https://github.com/apache/incubator-superset/pull/9964): Breaking change on Flask-AppBuilder 3. If you're using OAuth, find out what needs to be changed [here](https://github.com/dpgaspar/Flask-AppBuilder/blob/master/README.rst#change-log).
diff --git a/docs/sqllab.rst b/docs/sqllab.rst
index b582c53..27711cb 100644
--- a/docs/sqllab.rst
+++ b/docs/sqllab.rst
@@ -73,7 +73,10 @@ Superset's Jinja context:
- ``time``: ``time``
- ``datetime``: ``datetime.datetime``
-- ``uuid``: ``uuid``
+- ``uuid1``: ``uuid1``
+- ``uuid3``: ``uuid3``
+- ``uuid4``: ``uuid4``
+- ``uuid5``: ``uuid5``
- ``random``: ``random``
- ``relativedelta``: ``dateutil.relativedelta.relativedelta``
diff --git a/setup.cfg b/setup.cfg
index c126a4a..e8505c9 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -38,7 +38,7 @@ combine_as_imports = true
include_trailing_comma = true
line_length = 88
known_first_party = superset
-known_third_party =alembic,apispec,backoff,bleach,cachelib,celery,click,colorama,contextlib2,croniter,cryptography,dataclasses,dateutil,flask,flask_appbuilder,flask_babel,flask_caching,flask_compress,flask_login,flask_migrate,flask_sqlalchemy,flask_talisman,flask_testing,flask_wtf,geohash,geopy,humanize,isodate,jinja2,markdown,markupsafe,marshmallow,msgpack,numpy,pandas,parameterized,parsedatetime,pathlib2,polyline,prison,pyarrow,pyhive,pytest,pytz,retry,selenium,setuptools,simplejson,sl [...]
+known_third_party =alembic,apispec,backoff,bleach,cachelib,celery,click,colorama,contextlib2,croniter,cryptography,dateutil,flask,flask_appbuilder,flask_babel,flask_caching,flask_compress,flask_login,flask_migrate,flask_sqlalchemy,flask_talisman,flask_testing,flask_wtf,geohash,geopy,humanize,isodate,jinja2,markdown,markupsafe,marshmallow,msgpack,numpy,pandas,parameterized,parsedatetime,pathlib2,polyline,prison,pyarrow,pyhive,pytest,pytz,retry,selenium,setuptools,simplejson,slack,sphinx_r [...]
multi_line_output = 3
order_by_type = false
diff --git a/superset/extensions.py b/superset/extensions.py
index a0dad81..2a35166 100644
--- a/superset/extensions.py
+++ b/superset/extensions.py
@@ -48,7 +48,10 @@ class JinjaContextManager:
"relativedelta": relativedelta,
"time": time,
"timedelta": timedelta,
- "uuid": uuid,
+ "uuid1": uuid.uuid1,
+ "uuid3": uuid.uuid3,
+ "uuid4": uuid.uuid4,
+ "uuid5": uuid.uuid5,
}
self._template_processors: Dict[str, Type["BaseTemplateProcessor"]] = {}