rusackas opened a new pull request, #40674: URL: https://github.com/apache/superset/pull/40674
> **Draft / `hold:sip!`** — this is a **proposal document**, not an implementation. Opening it as a draft PR so the SIP can be discussed inline. ### SUMMARY Adds `docs/sip/auth-session-and-extension-supply-chain-hardening.md`, a SIP proposal collecting the security-review items that are **not** safely shippable as isolated, untested PRs (each needs a behavior-sensitive change, a schema migration, or cross-component coordination): - **A1 — Session fixation:** regenerate the session on login (matters mainly for server-side-session deployments; signed client-cookie sessions already mitigate it). - **A2 — Session termination on disable/delete:** a backend-agnostic per-user "invalidation epoch" that forces logout of outstanding sessions. - **A3 — Guest-token revocation:** per-embedded-dashboard `revoked_before` timestamp checked against the token `iat`. - **Part B — Extension supply chain:** pluggable advisory/vuln-DB checks + version policy (the static `EXTENSION_BLOCKLIST` already shipped). Each section states the gap, a proposed design, compatibility considerations, and rejected alternatives, plus a suggested phasing. ### TESTING INSTRUCTIONS N/A — documentation only. ### ADDITIONAL INFORMATION - [ ] Has associated issue: - [ ] Required feature flags: - [ ] Changes UI - [ ] Includes DB Migration - [ ] Introduces new feature or API - [ ] Removes existing feature or API 🤖 Generated with [Claude Code](https://claude.com/claude-code) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
