bobbai00 opened a new pull request, #4299: URL: https://github.com/apache/texera/pull/4299
### What changes were proposed in this PR? Updated `SECURITY.md` to provide more detailed guidance on UDF (User-Defined Function) security implications: - Added an **Important** note in the UI Users section clarifying that UDF code is unsandboxed and may access execution environment resources - Expanded the **Computing Unit Types** section with specific details on what UDF code can access (JVM classpath, environment variables, application state) - Added **Java** to the list of supported UDF languages alongside Python, R, and Scala - Added "Isolation of application secrets from UDF code" to the **What is NOT Guaranteed** list - Expanded the **User Code Execution** section to explicitly describe the known limitation around UDF access to sensitive values (e.g., JWT secrets, database credentials) ### Any related issues, documentation, discussions? None. ### How was this PR tested? Documentation-only change. No code or tests affected. ### Was this PR authored or co-authored using generative AI tooling? Generated-by: Claude Code (claude-opus-4-6) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
