Everyone has done an excellent job. I would also vote for https://github.com/apache/airflow/pull/45266. as it addresses a long-standing issue related to pull_request_target and includes numerous improvements to the CI process. Great work Jarek.
Regards, Pavan On Thu, Jan 9, 2025 at 8:33 PM Shahar Epstein <sha...@apache.org> wrote: > > +1 to this :) > > On Thu, Jan 9, 2025, 22:10 Jarek Potiuk <ja...@potiuk.com> wrote: > > > It's extremely difficult to choose the PR of the month this month with all > > the fantastic job done by many. > > > > But I would like to shamelessly propose > > https://github.com/apache/airflow/pull/45266 -> Simplify caching > > mechanisms > > for CI and PROD images > > > > After quite a few years thanks to improvements in GitHub Actions, switching > > to uv, and using a Github Action developed by Apache Arrow team and > > published in shared Actions repository of ASF, and discussion in "ASF" > > #builds > > team we were able to finally get rid of the "pull_request_target" > > workflow and simplify caching mechanisms we use for our images. That was > > not really workable before without all of those pieces combined together, > > but finally we could do it - and without any significant disruptions. > > > > It's a major improvement in security. Literally days after I merged that, > > we received a security report reporting a new, previously unknown way the > > "pull_request_target" workflow weaknesses could be exploited in Airflow. We > > had other mitigations in place introduced last year, so there is no > > security impact of that one but I still need to backport it to v2-10-test > > (in progress) to get rid of any potential it will be exploited further - > > permanently. > > > > J. > > > > > > > > > > On Mon, Jan 6, 2025 at 10:16 PM Briana Okyere > > <briana.oky...@astronomer.io.invalid> wrote: > > > > > Happy New Year to all! > > > > > > It’s once again time to vote for the PR of the Month! > > > > > > With the help of the `get_important_pr_candidates` script in dev/stats, > > > we've identified the following candidates: > > > > > > PR #44332: AIP-84 Migrate /object/grid_data from views to FastAPI < > > > https://github.com/apache/airflow/pull/44332> > > > > > > PR #44972: Swap Dag Parsing to use the TaskSDK machinery < > > > https://github.com/apache/airflow/pull/44972> > > > > > > PR #44712: [AIP-86] Add Deadline Alerts table, model, and supporting > > tests > > > < > > > https://github.com/apache/airflow/pull/44712> > > > > > > PR #45106: AIP-72: Handling task retries in task SDK + execution API < > > > https://github.com/apache/airflow/pull/45106> > > > > > > PR #44899: AIP-72: Pass context keys from API Server to Worker < > > > https://github.com/apache/airflow/pull/44899> > > > > > > Please reply to this thread with your selection or offer your own > > > nominee(s). > > > > > > Voting will close on Friday, January 10th at 10 AM PST. The winner(s) > > will > > > be featured in the next issue of the Airflow newsletter. > > > > > > Also, if there’s an article or event that you think should be included in > > > this or a future issue of the newsletter, please drop me a line at < > > > briana.oky...@astronomer.io> > > > > > > -- > > > Briana Okyere > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@airflow.apache.org For additional commands, e-mail: dev-h...@airflow.apache.org
