codeant-ai-for-open-source[bot] commented on code in PR #36933: URL: https://github.com/apache/superset/pull/36933#discussion_r2930418948
########## superset/embedded_chart/api.py: ########## @@ -0,0 +1,321 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +import logging +from datetime import datetime, timedelta, timezone +from typing import Any + +from flask import g, request, Response +from flask_appbuilder.api import expose, protect, safe + +from superset.commands.exceptions import CommandException +from superset.commands.explore.permalink.create import CreateExplorePermalinkCommand +from superset.daos.key_value import KeyValueDAO +from superset.embedded_chart.exceptions import ( + EmbeddedChartAccessDeniedError, + EmbeddedChartPermalinkNotFoundError, +) +from superset.explore.permalink.schemas import ExplorePermalinkSchema +from superset.extensions import event_logger, security_manager +from superset.key_value.shared_entries import get_permalink_salt +from superset.key_value.types import ( + KeyValueResource, + MarshmallowKeyValueCodec, + SharedKey, +) +from superset.key_value.exceptions import KeyValueParseKeyError +from superset.key_value.utils import decode_permalink_id +from superset.security.guest_token import ( + GuestTokenResource, + GuestTokenResourceType, + GuestTokenRlsRule, + GuestTokenUser, + GuestUser, +) +from superset.views.base_api import BaseSupersetApi, statsd_metrics + +logger = logging.getLogger(__name__) + + +class EmbeddedChartRestApi(BaseSupersetApi): + """REST API for embedded chart data retrieval.""" + + resource_name = "embedded_chart" + allow_browser_login = True + openapi_spec_tag = "Embedded Chart" + + def _validate_guest_token_access(self, permalink_key: str) -> bool: + """ + Validate that the guest token grants access to this permalink. + + Guest tokens contain a list of resources the user can access. + For embedded charts, we check that the permalink_key is in that list. + """ + user = g.user + if not isinstance(user, GuestUser): + return False + + for resource in user.resources: + if ( + resource.get("type") == GuestTokenResourceType.CHART_PERMALINK.value + and str(resource.get("id")) == permalink_key + ): + return True + return False + + def _get_permalink_value(self, permalink_key: str) -> dict[str, Any] | None: + """ + Get permalink value without access checks. + + For embedded charts, access is controlled via guest token validation, + so we skip the normal dataset/chart access checks. + """ + # Use the same salt, resource, and codec as the explore permalink command + salt = get_permalink_salt(SharedKey.EXPLORE_PERMALINK_SALT) + codec = MarshmallowKeyValueCodec(ExplorePermalinkSchema()) + key = decode_permalink_id(permalink_key, salt=salt) + return KeyValueDAO.get_value( + KeyValueResource.EXPLORE_PERMALINK, + key, + codec, + ) + + @expose("/<permalink_key>", methods=("GET",)) + @safe + @statsd_metrics + @event_logger.log_this_with_context( + action=lambda self, *args, **kwargs: f"{self.__class__.__name__}.get", + log_to_statsd=False, + ) + def get(self, permalink_key: str) -> Response: + """Get chart form_data from permalink key. + --- + get: + summary: Get embedded chart configuration + description: >- + Retrieves the form_data for rendering an embedded chart. + This endpoint is used by the embedded chart iframe to load + the chart configuration. + parameters: + - in: path + schema: + type: string + name: permalink_key + description: The chart permalink key + required: true + responses: + 200: + description: Chart permalink state + content: + application/json: + schema: + type: object + properties: + state: + type: object + properties: + formData: + type: object + description: The chart configuration formData + allowedDomains: + type: array + items: + type: string + description: Domains allowed to embed this chart + 401: + $ref: '#/components/responses/401' + 404: + $ref: '#/components/responses/404' + 500: + $ref: '#/components/responses/500' + """ + try: + # Validate guest token grants access to this permalink + if not self._validate_guest_token_access(permalink_key): + raise EmbeddedChartAccessDeniedError() + + # Get permalink value without access checks (guest token already validated) + permalink_value = self._get_permalink_value(permalink_key) + if not permalink_value: + raise EmbeddedChartPermalinkNotFoundError() + + # Return state in the format expected by the frontend: + # { state: { formData: {...}, allowedDomains: [...] } } + state = permalink_value.get("state", {}) + + return self.response( + 200, + state=state, + ) + except EmbeddedChartAccessDeniedError: + return self.response_401() + except EmbeddedChartPermalinkNotFoundError: + return self.response_404() + except (ValueError, KeyError, KeyValueParseKeyError) as ex: + logger.warning("Error fetching embedded chart: %s", ex) + return self.response_500() + + @expose("/", methods=("POST",)) + @protect() + @safe + @statsd_metrics + @event_logger.log_this_with_context( + action=lambda self, *args, **kwargs: f"{self.__class__.__name__}.post", + log_to_statsd=False, + ) + def post(self) -> Response: + """Create an embeddable chart with guest token. + --- + post: + summary: Create embeddable chart + description: >- + Creates an embeddable chart configuration with a guest token. + The returned iframe_url and guest_token can be used to embed + the chart in external applications. + requestBody: + required: true + content: + application/json: + schema: + type: object + required: + - form_data + properties: + form_data: + type: object + description: Chart form_data configuration + allowed_domains: + type: array + items: + type: string + description: Domains allowed to embed this chart + ttl_minutes: + type: integer + default: 60 + description: Time-to-live for the embed in minutes + responses: + 200: + description: Embeddable chart created + content: + application/json: + schema: + type: object + properties: + iframe_url: + type: string + description: URL to use in iframe src + guest_token: + type: string + description: Guest token for authentication + permalink_key: + type: string + description: Permalink key for the chart + expires_at: + type: string + format: date-time + description: When the embed expires + 400: + $ref: '#/components/responses/400' + 401: + $ref: '#/components/responses/401' + 500: + $ref: '#/components/responses/500' + """ + try: + body = request.json or {} + form_data = body.get("form_data", {}) + allowed_domains: list[str] = body.get("allowed_domains", []) + ttl_minutes: int = body.get("ttl_minutes", 60) + + if not form_data: + return self.response_400(message="form_data is required") + + # Validate ttl_minutes bounds + if ( + not isinstance(ttl_minutes, int) + or ttl_minutes < 1 + or ttl_minutes > 10080 + ): + return self.response_400( + message="ttl_minutes must be between 1 and 10080" + ) + + # Validate required form_data structure + if not form_data.get("datasource"): + return self.response_400( + message="form_data must include 'datasource' field" + ) + + # Create permalink with the form_data + state = { + "formData": form_data, + "allowedDomains": allowed_domains, + } + permalink_key = CreateExplorePermalinkCommand(state).run() + + # Calculate expiration + expires_at = datetime.now(timezone.utc) + timedelta(minutes=ttl_minutes) Review Comment: **Suggestion:** `ttl_minutes` is only used to compute the returned timestamp, but the permalink itself is created without expiration, so embeds can remain valid beyond the advertised TTL. Persist the permalink entry with `expires_on` to enforce actual expiry. [logic error] <details> <summary><b>Severity Level:</b> Critical 🚨</summary> ```mdx - ❌ TTL contract in embed API is not enforced. - ⚠️ Security expectations for ephemeral links are weakened. - ⚠️ UI displays expiry timestamp that backend ignores. ``` </details> ```suggestion # Create permalink with the form_data state = { "formData": form_data, "allowedDomains": allowed_domains, } permalink_key = CreateExplorePermalinkCommand(state).run() # Calculate expiration and enforce it on the permalink entry expires_at = datetime.now(timezone.utc) + timedelta(minutes=ttl_minutes) permalink_id = decode_permalink_id( permalink_key, salt=get_permalink_salt(SharedKey.EXPLORE_PERMALINK_SALT), ) KeyValueDAO.update_entry( KeyValueResource.EXPLORE_PERMALINK, state, MarshmallowKeyValueCodec(ExplorePermalinkSchema()), permalink_id, expires_on=expires_at.replace(tzinfo=None), ) ``` <details> <summary><b>Steps of Reproduction ✅ </b></summary> ```mdx 1. UI embed flow (`superset-frontend/src/explore/components/EmbedCodeContent.tsx:71-87`) always posts `ttl_minutes` to `POST /api/v1/embedded_chart/`. 2. Backend computes `expires_at` (`superset/embedded_chart/api.py:270`) but creates permalink through `CreateExplorePermalinkCommand.run()` (`superset/commands/explore/permalink/create.py:56-74`) without `expires_on`. 3. Stored permalink is read through `KeyValueDAO.get_value()` (`superset/daos/key_value.py:50-60`), which only expires entries when `entry.expires_on` is set (`:57`). 4. Result: TTL is informational only in this endpoint; permalink lifetime is not bounded by `ttl_minutes`, so expiration behavior diverges from returned `expires_at`. ``` </details> <details> <summary><b>Prompt for AI Agent 🤖 </b></summary> ```mdx This is a comment left during a code review. **Path:** superset/embedded_chart/api.py **Line:** 262:270 **Comment:** *Logic Error: `ttl_minutes` is only used to compute the returned timestamp, but the permalink itself is created without expiration, so embeds can remain valid beyond the advertised TTL. Persist the permalink entry with `expires_on` to enforce actual expiry. Validate the correctness of the flagged issue. If correct, How can I resolve this? If you propose a fix, implement it and please make it concise. ``` </details> <a href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F36933&comment_hash=761d79f7ad5e77d4389efb47944df223efcf1b074498749c2c030fe540412148&reaction=like'>👍</a> | <a href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F36933&comment_hash=761d79f7ad5e77d4389efb47944df223efcf1b074498749c2c030fe540412148&reaction=dislike'>👎</a> ########## superset/embedded_chart/api.py: ########## @@ -0,0 +1,321 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +import logging +from datetime import datetime, timedelta, timezone +from typing import Any + +from flask import g, request, Response +from flask_appbuilder.api import expose, protect, safe + +from superset.commands.exceptions import CommandException +from superset.commands.explore.permalink.create import CreateExplorePermalinkCommand +from superset.daos.key_value import KeyValueDAO +from superset.embedded_chart.exceptions import ( + EmbeddedChartAccessDeniedError, + EmbeddedChartPermalinkNotFoundError, +) +from superset.explore.permalink.schemas import ExplorePermalinkSchema +from superset.extensions import event_logger, security_manager +from superset.key_value.shared_entries import get_permalink_salt +from superset.key_value.types import ( + KeyValueResource, + MarshmallowKeyValueCodec, + SharedKey, +) +from superset.key_value.exceptions import KeyValueParseKeyError +from superset.key_value.utils import decode_permalink_id +from superset.security.guest_token import ( + GuestTokenResource, + GuestTokenResourceType, + GuestTokenRlsRule, + GuestTokenUser, + GuestUser, +) +from superset.views.base_api import BaseSupersetApi, statsd_metrics + +logger = logging.getLogger(__name__) + + +class EmbeddedChartRestApi(BaseSupersetApi): + """REST API for embedded chart data retrieval.""" + + resource_name = "embedded_chart" + allow_browser_login = True + openapi_spec_tag = "Embedded Chart" + + def _validate_guest_token_access(self, permalink_key: str) -> bool: + """ + Validate that the guest token grants access to this permalink. + + Guest tokens contain a list of resources the user can access. + For embedded charts, we check that the permalink_key is in that list. + """ + user = g.user + if not isinstance(user, GuestUser): + return False + + for resource in user.resources: + if ( + resource.get("type") == GuestTokenResourceType.CHART_PERMALINK.value + and str(resource.get("id")) == permalink_key + ): + return True + return False + + def _get_permalink_value(self, permalink_key: str) -> dict[str, Any] | None: + """ + Get permalink value without access checks. + + For embedded charts, access is controlled via guest token validation, + so we skip the normal dataset/chart access checks. + """ + # Use the same salt, resource, and codec as the explore permalink command + salt = get_permalink_salt(SharedKey.EXPLORE_PERMALINK_SALT) + codec = MarshmallowKeyValueCodec(ExplorePermalinkSchema()) + key = decode_permalink_id(permalink_key, salt=salt) + return KeyValueDAO.get_value( + KeyValueResource.EXPLORE_PERMALINK, + key, + codec, + ) + + @expose("/<permalink_key>", methods=("GET",)) + @safe + @statsd_metrics + @event_logger.log_this_with_context( + action=lambda self, *args, **kwargs: f"{self.__class__.__name__}.get", + log_to_statsd=False, + ) + def get(self, permalink_key: str) -> Response: + """Get chart form_data from permalink key. + --- + get: + summary: Get embedded chart configuration + description: >- + Retrieves the form_data for rendering an embedded chart. + This endpoint is used by the embedded chart iframe to load + the chart configuration. + parameters: + - in: path + schema: + type: string + name: permalink_key + description: The chart permalink key + required: true + responses: + 200: + description: Chart permalink state + content: + application/json: + schema: + type: object + properties: + state: + type: object + properties: + formData: + type: object + description: The chart configuration formData + allowedDomains: + type: array + items: + type: string + description: Domains allowed to embed this chart + 401: + $ref: '#/components/responses/401' + 404: + $ref: '#/components/responses/404' + 500: + $ref: '#/components/responses/500' + """ + try: + # Validate guest token grants access to this permalink + if not self._validate_guest_token_access(permalink_key): + raise EmbeddedChartAccessDeniedError() + + # Get permalink value without access checks (guest token already validated) + permalink_value = self._get_permalink_value(permalink_key) + if not permalink_value: + raise EmbeddedChartPermalinkNotFoundError() + + # Return state in the format expected by the frontend: + # { state: { formData: {...}, allowedDomains: [...] } } + state = permalink_value.get("state", {}) + + return self.response( + 200, + state=state, + ) + except EmbeddedChartAccessDeniedError: + return self.response_401() + except EmbeddedChartPermalinkNotFoundError: + return self.response_404() + except (ValueError, KeyError, KeyValueParseKeyError) as ex: + logger.warning("Error fetching embedded chart: %s", ex) + return self.response_500() + + @expose("/", methods=("POST",)) + @protect() + @safe + @statsd_metrics + @event_logger.log_this_with_context( + action=lambda self, *args, **kwargs: f"{self.__class__.__name__}.post", + log_to_statsd=False, + ) + def post(self) -> Response: + """Create an embeddable chart with guest token. + --- + post: + summary: Create embeddable chart + description: >- + Creates an embeddable chart configuration with a guest token. + The returned iframe_url and guest_token can be used to embed + the chart in external applications. + requestBody: + required: true + content: + application/json: + schema: + type: object + required: + - form_data + properties: + form_data: + type: object + description: Chart form_data configuration + allowed_domains: + type: array + items: + type: string + description: Domains allowed to embed this chart + ttl_minutes: + type: integer + default: 60 + description: Time-to-live for the embed in minutes + responses: + 200: + description: Embeddable chart created + content: + application/json: + schema: + type: object + properties: + iframe_url: + type: string + description: URL to use in iframe src + guest_token: + type: string + description: Guest token for authentication + permalink_key: + type: string + description: Permalink key for the chart + expires_at: + type: string + format: date-time + description: When the embed expires + 400: + $ref: '#/components/responses/400' + 401: + $ref: '#/components/responses/401' + 500: + $ref: '#/components/responses/500' + """ + try: + body = request.json or {} + form_data = body.get("form_data", {}) + allowed_domains: list[str] = body.get("allowed_domains", []) + ttl_minutes: int = body.get("ttl_minutes", 60) Review Comment: **Suggestion:** `allowed_domains` is accepted without type validation, but downstream code iterates it as a list of domain strings. If a string/object is sent, domain validation in the embedded view behaves incorrectly and valid embeds can be rejected. [type error] <details> <summary><b>Severity Level:</b> Major ⚠️</summary> ```mdx - ❌ Embedded chart page can reject valid referrers. - ⚠️ API consumers can store malformed domain payloads. - ⚠️ Frontend default uses list, reducing accidental hits. ``` </details> ```suggestion allowed_domains = body.get("allowed_domains", []) if not isinstance(allowed_domains, list) or any( not isinstance(domain, str) for domain in allowed_domains ): return self.response_400( message="allowed_domains must be a list of strings" ) ttl_minutes: int = body.get("ttl_minutes", 60) ``` <details> <summary><b>Steps of Reproduction ✅ </b></summary> ```mdx 1. Authenticated caller hits `POST /api/v1/embedded_chart/` handled by `EmbeddedChartRestApi.post()` (`superset/embedded_chart/api.py:171-321`). 2. Send malformed payload like `allowed_domains: "https://example.com"`; code accepts it unchanged (`api.py:240`) and persists as `state["allowedDomains"]` (`api.py:263-266`). 3. Embedded page (`superset/embedded_chart/view.py:64-109`) loads permalink and iterates `allowed_domains` (`:95-100`); string values iterate character-by-character. 4. `same_origin()` (`view.py:43-54`) never matches per-character entries, leading to `abort(403)` (`view.py:104-109`) and blocked embedding. ``` </details> <details> <summary><b>Prompt for AI Agent 🤖 </b></summary> ```mdx This is a comment left during a code review. **Path:** superset/embedded_chart/api.py **Line:** 240:241 **Comment:** *Type Error: `allowed_domains` is accepted without type validation, but downstream code iterates it as a list of domain strings. If a string/object is sent, domain validation in the embedded view behaves incorrectly and valid embeds can be rejected. Validate the correctness of the flagged issue. If correct, How can I resolve this? If you propose a fix, implement it and please make it concise. ``` </details> <a href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F36933&comment_hash=59bce833dfa04654ee78437e9a922e977b9d2cd273b96900e207e191f404b40b&reaction=like'>👍</a> | <a href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F36933&comment_hash=59bce833dfa04654ee78437e9a922e977b9d2cd273b96900e207e191f404b40b&reaction=dislike'>👎</a> ########## superset/embedded_chart/view.py: ########## @@ -0,0 +1,138 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +import logging +from typing import Callable +from urllib.parse import urlparse + +from flask import abort, current_app, request +from flask_appbuilder import expose +from flask_login import AnonymousUserMixin, current_user, login_user + +from superset import event_logger +from superset.daos.key_value import KeyValueDAO +from superset.explore.permalink.schemas import ExplorePermalinkSchema +from superset.key_value.shared_entries import get_permalink_salt +from superset.key_value.types import ( + KeyValueResource, + MarshmallowKeyValueCodec, + SharedKey, +) +from superset.key_value.exceptions import KeyValueParseKeyError +from superset.key_value.utils import decode_permalink_id +from superset.superset_typing import FlaskResponse +from superset.utils import json +from superset.views.base import BaseSupersetView, common_bootstrap_payload + +logger = logging.getLogger(__name__) + + +def same_origin(url1: str | None, url2: str | None) -> bool: + """Check if two URLs have the same origin (scheme + netloc).""" + if not url1 or not url2: + return False + parsed1 = urlparse(url1) + parsed2 = urlparse(url2) + # For domain matching, we just check if the host matches + # url2 might just be a domain like "example.com" + if not parsed2.scheme: + # url2 is just a domain, check if it matches url1's netloc + return parsed1.netloc == url2 or parsed1.netloc.endswith(f".{url2}") + return (parsed1.scheme, parsed1.netloc) == (parsed2.scheme, parsed2.netloc) Review Comment: **Suggestion:** The origin matcher parses scheme-less domains with ports incorrectly (for example `localhost:3000`), because `urlparse` interprets the prefix as a scheme and loses the host. This causes legitimate allowed domains to be rejected at runtime; parse scheme-less entries as netlocs and compare normalized host/port values. [logic error] <details> <summary><b>Severity Level:</b> Major ⚠️</summary> ```mdx - ❌ Legitimate localhost:port embeds rejected with HTTP 403. - ⚠️ `allowedDomains` host:port entries behave inconsistently. - ⚠️ MCP embedding setup fails for common local dev. ``` </details> ```suggestion parsed1 = urlparse(url1) has_scheme = "://" in url2 parsed2 = urlparse(url2 if has_scheme else f"//{url2}") host1 = (parsed1.hostname or "").lower() host2 = (parsed2.hostname or "").lower() if not host1 or not host2: return False if not has_scheme: host_match = host1 == host2 or host1.endswith(f".{host2}") return host_match and (parsed2.port is None or parsed1.port == parsed2.port) return ( parsed1.scheme == parsed2.scheme and host1 == host2 and (parsed2.port is None or parsed1.port == parsed2.port) ) ``` <details> <summary><b>Steps of Reproduction ✅ </b></summary> ```mdx 1. Create an embeddable chart with an `allowed_domains` entry like `localhost:3000` via MCP tool request schema `superset/mcp_service/embedded_chart/schemas.py:61-68`; this value is persisted into permalink state at `superset/mcp_service/embedded_chart/tool/get_embeddable_chart.py:26-31`. 2. Load returned iframe URL `/embedded/chart/?permalink_key=...` from an app running at `http://localhost:3000` so `request.referrer` includes that origin; request reaches `EmbeddedChartView.embedded_chart` in `superset/embedded_chart/view.py:64`. 3. Domain validation loop executes at `superset/embedded_chart/view.py:97-101` and calls `same_origin(request.referrer, domain)`. 4. Current parser logic `urlparse("localhost:3000")` misinterprets it (`scheme='localhost', netloc=''`; reproducible via Python), so comparison fails and request is rejected with `abort(403)` at `superset/embedded_chart/view.py:104-109` even for legitimate host:port embeds. ``` </details> <details> <summary><b>Prompt for AI Agent 🤖 </b></summary> ```mdx This is a comment left during a code review. **Path:** superset/embedded_chart/view.py **Line:** 47:54 **Comment:** *Logic Error: The origin matcher parses scheme-less domains with ports incorrectly (for example `localhost:3000`), because `urlparse` interprets the prefix as a scheme and loses the host. This causes legitimate allowed domains to be rejected at runtime; parse scheme-less entries as netlocs and compare normalized host/port values. Validate the correctness of the flagged issue. If correct, How can I resolve this? If you propose a fix, implement it and please make it concise. ``` </details> <a href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F36933&comment_hash=e69e8196b34ef63ee95956349328db9dcd1e8f48ad96a7cc58117edd10c6f937&reaction=like'>👍</a> | <a href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F36933&comment_hash=e69e8196b34ef63ee95956349328db9dcd1e8f48ad96a7cc58117edd10c6f937&reaction=dislike'>👎</a> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
