bito-code-review[bot] commented on PR #40327:
URL: https://github.com/apache/superset/pull/40327#issuecomment-4506394131
<!-- Bito Reply -->
The PR diff shows a change to the `docker/docker-bootstrap.sh` file. The
modification introduces a conditional check for the `SUPERSET_DEBUG_ENABLED`
environment variable to control the Werkzeug debugger flag. When
`SUPERSET_DEBUG_ENABLED` is set to 'true', the debugger is enabled with a
warning message; otherwise, it is disabled with a message indicating how to
enable it. This change aims to align the debugger state with the
`SUPERSET_DEBUG_ENABLED` flag and provide clearer feedback.
**docker/docker-bootstrap.sh**
```
10: +
11: + # Environment-based debugger control for security
12: + # Only enable Werkzeug interactive debugger when explicitly
requested
13: + # Modern Werkzeug (3.0+) includes PIN protection, but
defense-in-depth approach
14: + DEBUGGER_FLAG=""
15: + if [[ "${SUPERSET_DEBUG_ENABLED:-}" == "true" ]]; then
16: + DEBUGGER_FLAG="--debugger"
17: + echo " ⚠️ Werkzeug debugger enabled (requires PIN for
/console access)"
18: + else
19: + echo " 🔒 Werkzeug debugger disabled (set
SUPERSET_DEBUG_ENABLED=true to enable)"
20: + fi
21: +
22: + flask run -p $PORT --reload $DEBUGGER_FLAG --host=0.0.0.0
--exclude-patterns
"*/node_modules/*:*/.venv/*:*/build/*:*/__pycache__/*:*/superset-frontend/*"
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
