This is an automated email from the ASF dual-hosted git repository.
aminghadersohi pushed a change to branch work-pr-39604
in repository https://gitbox.apache.org/repos/asf/superset.git
at aabf6c2a6e4 fix(mcp): address CodeQL security warnings and add ApiKey RBAC regression test
This branch includes the following new commits:
new afb3d086e2b fix(mcp): create ApiKey permissions on init and support API keys with JWT auth
new 11e44ac5bf7 fix(mcp): wire composite verifier and add ApiKey permission sync
new d0b77211fce fix(mcp): add type annotations to test fixtures and parameters
new 686ad08bb5d fix(mcp): remove prefixes from log to satisfy CodeQL
new 9458c25c950 fix(mcp): validate API keys via FastMCP AccessToken and lock down ApiKey perms
new e8d6779b5ac refactor(mcp): hoist API key auth imports to module top
new 3a4f6024c21 fix(security): drop redundant explicit ApiKey perm creation
new 342c536358c refactor(mcp): hoist JWT verifier imports to module top
new 06a9b10068e Potential fix for pull request finding
new 6dc0dc02b8e fix(mcp): fix stale patch target in auth tests and update stale docstring
new f322a50193e refactor(mcp): extract duplicated app context + sm setup into helper
new 41003686ab1 fix(mcp): harden auth — PermissionError propagation, passthrough client_id guard, fail-closed on missing token
new d98d5e4fe63 refactor(mcp): delegate load_user_with_relationships to SecurityManager.find_user_with_relationships
new add2c387871 fix(mcp): fix stale patch target in auth tests and update stale docstring
new d19470f60c9 fix(mcp): validate api_key_prefixes in CompositeTokenVerifier — filter empty/non-string entries
new 20d4271c533 fix(mcp): fix stale patch target in auth tests and update stale docstring
new a1c99167a22 fix(mcp): normalize FAB_API_KEY_PREFIXES from config before passing to CompositeTokenVerifier
new aabf6c2a6e4 fix(mcp): address CodeQL security warnings and add ApiKey RBAC regression test
The 18 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.