rusackas opened a new pull request, #40647: URL: https://github.com/apache/superset/pull/40647
### SUMMARY This changes a **shipped default**: `SMTP_SSL_SERVER_AUTH` now defaults to `True` (previously `False`) in `superset/config.py`. When STARTTLS or implicit SSL is used for outbound email (alerts & reports), Superset builds an SSL context via `ssl.create_default_context()` only when `SMTP_SSL_SERVER_AUTH` is truthy (see `superset/utils/core.py`). With the old `False` default, the SMTP server's TLS certificate was **not** validated against the system CA store. Defaulting to `True` verifies the mail server's identity out of the box, generic transport hardening for email notifications. **Back-compat escape hatch:** the setting is unchanged in shape and remains fully overridable. Operators who rely on a self-signed or otherwise untrusted certificate can restore the prior behavior with: ```python SMTP_SSL_SERVER_AUTH = False ``` An `UPDATING.md` entry under `## Next` documents the default change and the opt-out (recommending adding the cert/CA to the system trust store as the preferred fix). ### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF N/A (config default). ### TESTING INSTRUCTIONS - Unit test added: `tests/unit_tests/config_test.py::test_smtp_ssl_server_auth_defaults_to_true` asserts the default is `True`. Ran locally: passes. - Manual: configure SMTP with STARTTLS against a server with a CA-trusted cert and send a test report — delivery succeeds with validation on. Against an untrusted cert, delivery fails until `SMTP_SSL_SERVER_AUTH = False` is set. ### ADDITIONAL INFORMATION - [ ] Has associated issue: - [ ] Required feature flags: - [ ] Changes UI - [ ] Includes DB Migration (follow approval process in [SIP-59](https://github.com/apache/superset/issues/13351)) - [ ] Migration is atomic, supports rollback & is backwards-compatible - [ ] Confirm DB migration upgrade and downgrade tested - [ ] Runtime estimates and downtime expectations provided - [ ] Introduces new feature or API - [ ] Removes existing feature or API > Note: this PR changes a shipped default. The back-compat escape hatch (`SMTP_SSL_SERVER_AUTH = False`) and an `UPDATING.md` entry are included. 🤖 Generated with [Claude Code](https://claude.com/claude-code) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
