potiuk commented on PR #45527: URL: https://github.com/apache/airflow/pull/45527#issuecomment-2585381090
Hey here. I know this one is huge and difficult to review, but this was the easiest way I could bring the "pull_request_target" removal to `v2-10-test` branch. Since we stopped cherry-picking breeze changes to `v2-10-test` and made a LOT of chenges in main (removing Python 3.8, moving providers, adding test_sdk and so on - cherry-picking individual commits was not an option. So I choose a different path - I copuied the latest `breeze`, `ci_scripts`, `Dockerfiles` and `.pre-commits` and adapted them to`v2-10-test` - mostly removing stuff that was not needed in v2-10-test (providers, charts, new api etc. etc., adding back Python 3.8). All other changes were results of fixing the tests. I think the easiest way to review it is two-fold: 1) you can compare all the breeze/ci stuff with `main` - and see the differences (mostly removals of the things above) 2) then you can compare "airflow" and "tests" with `v2-10-test` and see that they only changed to accomodate to some tests scripts changes. I know I am asking a lot, but this is the easiest way we can remove last remnants of `pull_request_target" - which is still a potential security issue. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
