This is an automated email from the ASF dual-hosted git repository. aminghadersohi pushed a commit to branch work-pr-39604 in repository https://gitbox.apache.org/repos/asf/superset.git
commit d08467b432e36f018e31211900fbd9a58807fcf2 Author: Amin Ghadersohi <[email protected]> AuthorDate: Thu Apr 23 20:29:08 2026 -0400 fix(mcp): remove prefixes from log to satisfy CodeQL Remove API key prefixes from log message to avoid CodeQL false positive about clear-text logging of sensitive data. --- superset/mcp_service/mcp_config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/superset/mcp_service/mcp_config.py b/superset/mcp_service/mcp_config.py index d38a5d0eca3..a0d9ae89336 100644 --- a/superset/mcp_service/mcp_config.py +++ b/superset/mcp_service/mcp_config.py @@ -361,7 +361,7 @@ def create_default_mcp_auth_factory(app: Flask) -> Optional[Any]: jwt_verifier=auth_provider, api_key_prefixes=api_key_prefixes, ) - logger.info("API key auth enabled for MCP (prefixes: %s)", api_key_prefixes) + logger.info("API key auth enabled for MCP") return auth_provider except Exception:
