This is an automated email from the ASF dual-hosted git repository.
aminghadersohi pushed a change to branch work-pr-39604
in repository https://gitbox.apache.org/repos/asf/superset.git
was 297157a7b0c fix(mcp): use consistent filter() style for email lookup
in find_user_with_relationships
This change permanently discards the following revisions:
discard 297157a7b0c fix(mcp): use consistent filter() style for email lookup
in find_user_with_relationships
discard bb87e2b5259 fix(mcp): remove exc_info=True from tool-visibility debug
log to prevent traceback-based credential leak
discard 35ac1ce13d0 fix(mcp): fix MCPPermissionDeniedError handler order and
visibility test patch targets
discard 40cf92399ce fix(mcp): broaden _log_user_resolution_failure type hint
discard 025ab1a5fef fix(mcp): update security_manager patch target in
tool-search tests
discard 31a204b1c67 fix(mcp): address Codex review — error class, fail-open,
DRY permission logic
discard 0e37e08eb12 fix(mcp): update security_manager patch target in RBAC
tests
discard 9a299d85117 fix(mcp): remove sensitive values from log calls to
satisfy CodeQL
discard 42e588298a2 fix(mcp): address dpgaspar review — imports, types,
exception scope
discard ab5e42be8a4 fix(mcp): use class-bound attribute in joinedload for
group roles
discard 434330674ec fix(mcp): remove sensitive values from log calls to
satisfy CodeQL
discard 3a632e1d829 fix(mcp): address CodeQL security warnings and add ApiKey
RBAC regression test
discard 0fb6ee5b3c0 fix(mcp): normalize FAB_API_KEY_PREFIXES from config
before passing to CompositeTokenVerifier
discard 46f843c0b5f fix(mcp): fix stale patch target in auth tests and update
stale docstring
discard bd82aa2375e fix(mcp): validate api_key_prefixes in
CompositeTokenVerifier — filter empty/non-string entries
discard 494213c3706 fix(mcp): fix stale patch target in auth tests and update
stale docstring
discard 771cd333fb1 refactor(mcp): delegate load_user_with_relationships to
SecurityManager.find_user_with_relationships
discard a05406effc2 fix(mcp): harden auth — PermissionError propagation,
passthrough client_id guard, fail-closed on missing token
discard 9e4bf60cb45 refactor(mcp): extract duplicated app context + sm setup
into helper
discard 4616bed261c fix(mcp): fix stale patch target in auth tests and update
stale docstring
discard a26070c5afa Potential fix for pull request finding
discard ea477720cbe refactor(mcp): hoist JWT verifier imports to module top
discard 85da5d227a4 fix(security): drop redundant explicit ApiKey perm creation
discard 7829eff6fcf refactor(mcp): hoist API key auth imports to module top
discard 0bc8c8de268 fix(mcp): validate API keys via FastMCP AccessToken and
lock down ApiKey perms
discard d08467b432e fix(mcp): remove prefixes from log to satisfy CodeQL
discard a77c7b4de33 fix(mcp): add type annotations to test fixtures and
parameters
discard 843cc9fc97a fix(mcp): wire composite verifier and add ApiKey
permission sync
discard 21ae406d972 fix(mcp): create ApiKey permissions on init and support
API keys with JWT auth
