The GitHub Actions job "Tests (AMD)" on 
airflow.git/fix-templated-dag-id-escape-vulnerability has succeeded.
Run started by GitHub user gopidesupavan (triggered by gopidesupavan).

Head commit for run:
565d43e8111d8a2d8068b319b568b83e2f51ad08 / GPK <[email protected]>
Quote `dag_id` in Task SDK Get to prevent path traversal

### Motivation
- Prevent templated `trigger_dag_id` from escaping the `/dags/` Execution API 
path by ensuring the task SDK treats `dag_id` as a single URL path segment.

### Description
- Percent-encode `dag_id` in `DagsOperations.get` by using 
`urllib.parse.quote(dag_id, safe='')` in 
`task-sdk/src/airflow/sdk/api/client.py` and add a regression test 
`test_get_url_quotes_dag_id_as_single_path_segment` in 
`task-sdk/tests/task_sdk/api/test_client.py` that asserts the request 
`raw_path` is the percent-encoded `/dags/` segment.

### Testing
- Ran `ruff format` and `ruff check --fix` on the modified files successfully 
and added a unit test demonstrating the encoded path behavior; running the test 
suite with `uv run --project task-sdk pytest ...` was attempted but test 
execution was blocked by network dependency download failures in this 
environment.

---
Drafted-by: GPT-5.3-Codex (no human review before posting)

Report URL: https://github.com/apache/airflow/actions/runs/27058749308

With regards,
GitHub Actions via GitBox


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to