sha174n opened a new pull request, #40503:
URL: https://github.com/apache/superset/pull/40503

   ### SUMMARY
   
   Makes ``.github/SECURITY.md`` the canonical, principle-based source of
   truth for what Apache Superset considers a security vulnerability, and
   wires ``AGENTS.md`` to point at it.
   
   The new **Security Model** section in ``.github/SECURITY.md`` defines:
   
   - Three trust boundaries (Admin role / operator / codebase)
   - A role and capability matrix (Public / Gamma / sql_lab / Alpha /
     Admin / Embedded guest token) covering data read, object write, SQL
     execution, database management, and user/role management
   - A single in/out-of-scope test phrased as one question
   - Illustrative class lists for both in-scope and out-of-scope findings,
     written as principles rather than enumerations of specific files or
     libraries, so the model stays valid as the codebase evolves
   
   The new **Security and Threat Model** section near the top of
   ``AGENTS.md`` gives LLM agents and automated scanners (e.g. the
   Glasswing scan ASF Security is offering to PMCs) a short, structured
   entry point: it inlines the trust boundaries and canonical
   authorization pattern (``@has_access_api`` + ``raise_for_access``), and
   defers to ``.github/SECURITY.md`` for the full matrix and scope lists.
   
   ### BEFORE/AFTER SCREENSHOTS
   
   N/A — documentation-only change.
   
   ### TESTING INSTRUCTIONS
   
   Markdown renders cleanly on GitHub. No code paths changed.
   
   ### ADDITIONAL INFORMATION
   
   - [ ] Has associated issue:
   - [ ] Required feature flags:
   - [ ] Changes UI
   - [ ] Includes DB Migration
   - [ ] Introduces new feature or API
   - [ ] Removes existing feature or API


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
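The PR names ``@has_access_api`` + ``raise_for_access`` as the canonical authorization pattern. The following is an added illustration of why that pattern has two layers (a coarse view-level permission check followed by an object-level access check), using a constructed role/capability matrix with the role names the PR lists; it is not Superset's code, and ``Forbidden``, ``ROLE_CAPS``, ``SecurityManager``, ``chart_data`` and ``is_denied`` are hypothetical stand-ins.

```python
from collections import namedtuple

class Forbidden(Exception):
    pass  # raised when either authorization layer rejects the request

# Hypothetical role -> capability matrix (constructed; role names from the PR).
ROLE_CAPS = {
    "Public": set(),
    "Gamma": {"can_read"},
    "sql_lab": {"can_read", "can_sql_lab"},
    "Alpha": {"can_read", "can_write", "can_sql_lab"},
    "Admin": {"can_read", "can_write", "can_sql_lab", "can_manage_db"},
}

User = namedtuple("User", "name roles datasource_grants")  # grants: per-object

class SecurityManager:  # stand-in, not Superset's security manager
    def has_capability(self, user, cap):
        return any(cap in ROLE_CAPS.get(r, set()) for r in user.roles)

    def raise_for_access(self, user, datasource):
        # Object-level check: Admin sees everything, others need a grant.
        if "Admin" in user.roles or datasource in user.datasource_grants:
            return
        raise Forbidden(f"{user.name} may not access {datasource}")

security_manager = SecurityManager()

def has_access_api(cap):
    # View-level check (coarse): does any of the user's roles carry it?
    def decorator(fn):
        def wrapper(user, *args, **kwargs):
            if not security_manager.has_capability(user, cap):
                raise Forbidden(f"{user.name} lacks {cap}")
            return fn(user, *args, **kwargs)
        return wrapper
    return decorator

@has_access_api("can_read")
def chart_data(user, datasource):
    # Decorator already passed; the object-level check must still run.
    security_manager.raise_for_access(user, datasource)
    return f"rows from {datasource}"

def is_denied(user, datasource):
    try:
        chart_data(user, datasource)
        return False
    except Forbidden:
        return True
```

A Gamma user with ``can_read`` passes the decorator but is still denied a datasource they hold no grant for; dropping the second call is exactly the kind of finding the scope test in ``SECURITY.md`` is meant to classify.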