sha174n opened a new pull request, #40499: URL: https://github.com/apache/superset/pull/40499
### SUMMARY Adds a configurable upper bound on the size of SQL scripts accepted by the SQL parser. Scripts longer than `SQL_MAX_PARSE_LENGTH` (default 1,000,000 characters) are rejected before being passed to sqlglot. The check sits in `SQLStatement._parse`, so it applies to every code path that goes through `SQLScript`, including SQL Lab execute, format, RLS rewriting, dataset SQL, and database engine spec helpers. Set `SQL_MAX_PARSE_LENGTH = None` to disable. ### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF N/A — backend-only change. ### TESTING INSTRUCTIONS - Default config: SQL scripts up to 1,000,000 characters parse as before. - Scripts longer than the configured limit raise `SupersetParseError` before reaching sqlglot. - Setting `SQL_MAX_PARSE_LENGTH = None` in `superset_config.py` disables the gate. - Existing parser unit tests pass unchanged. ### ADDITIONAL INFORMATION - [ ] Has associated issue: - [ ] Required feature flags: - [ ] Changes UI - [ ] Includes DB Migration (follow approval process in [SIP-59](https://github.com/apache/superset/issues/13351)) - [ ] Migration is atomic, supports rollback & is backwards-compatible - [ ] Confirm DB migration upgrade and downgrade tested - [ ] Runtime estimates and downtime expectations provided - [ ] Introduces new feature or API - [ ] Removes existing feature or API -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
