+1 to this :) On Thu, Jan 9, 2025, 22:10 Jarek Potiuk <ja...@potiuk.com> wrote:
> It's extremely difficult to choose the PR of the month this month with all > the fantastic job done by many. > > But I would like to shamelessly propose > https://github.com/apache/airflow/pull/45266 -> Simplify caching > mechanisms > for CI and PROD images > > After quite a few years thanks to improvements in GitHub Actions, switching > to uv, and using a Github Action developed by Apache Arrow team and > published in shared Actions repository of ASF, and discussion in "ASF" > #builds > team we were able to finally get rid of the "pull_request_target" > workflow and simplify caching mechanisms we use for our images. That was > not really workable before without all of those pieces combined together, > but finally we could do it - and without any significant disruptions. > > It's a major improvement in security. Literally days after I merged that, > we received a security report reporting a new, previously unknown way the > "pull_request_target" workflow weaknesses could be exploited in Airflow. We > had other mitigations in place introduced last year, so there is no > security impact of that one but I still need to backport it to v2-10-test > (in progress) to get rid of any potential it will be exploited further - > permanently. > > J. > > > > > On Mon, Jan 6, 2025 at 10:16 PM Briana Okyere > <briana.oky...@astronomer.io.invalid> wrote: > > > Happy New Year to all! > > > > It’s once again time to vote for the PR of the Month! > > > > With the help of the `get_important_pr_candidates` script in dev/stats, > > we've identified the following candidates: > > > > PR #44332: AIP-84 Migrate /object/grid_data from views to FastAPI < > > https://github.com/apache/airflow/pull/44332> > > > > PR #44972: Swap Dag Parsing to use the TaskSDK machinery < > > https://github.com/apache/airflow/pull/44972> > > > > PR #44712: [AIP-86] Add Deadline Alerts table, model, and supporting > tests > > < > > https://github.com/apache/airflow/pull/44712> > > > > PR #45106: AIP-72: Handling task retries in task SDK + execution API < > > https://github.com/apache/airflow/pull/45106> > > > > PR #44899: AIP-72: Pass context keys from API Server to Worker < > > https://github.com/apache/airflow/pull/44899> > > > > Please reply to this thread with your selection or offer your own > > nominee(s). > > > > Voting will close on Friday, January 10th at 10 AM PST. The winner(s) > will > > be featured in the next issue of the Airflow newsletter. > > > > Also, if there’s an article or event that you think should be included in > > this or a future issue of the newsletter, please drop me a line at < > > briana.oky...@astronomer.io> > > > > -- > > Briana Okyere > > >
