pt
/
superset
mirror of https://github.com/apache/superset.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,131 Commits 210 Branches 497 Tags 1.7 GiB
Commit Graph

146 Commits

Author SHA1 Message Date
Jeffrey Wang fb988fee2e Pin boto3 to 1.4.7 (#5290) 2018-06-27 08:55:47 -07:00
timifasubaa b0eee129e9
add more precise types to hive table from csv (#5267) 2018-06-25 16:12:01 -07:00
Maxime Beauchemin 409ac6824a
[sql lab] Fix issue around VARBINARY type in Presto (#5121) 
When receiving a VARBINARY field out of Presto, it shows up as type
`bytes` out of the pyhive driver. Then the pre 3.15 version of
simplejson attempts to convert it to utf8 by default and it craps out.

I bumped to simplejson>=3.25.0 and set `encoding=None` as documented
here
https://simplejson.readthedocs.io/en/latest/#basic-usage so that we can
handle bytes on our own.
 2018-06-20 12:16:59 -07:00
Louis-Etienne 70679d4c93 Pin botocore version (#5184) 
* Pin botocore version

* Version range for botocore
 2018-06-19 08:49:51 -07:00
Riccardo Magliocchetti c670621012 setup: improve description (#5226) 
* setup: improve description

* setup: use README.md as long_description

As pypy.io now should render markdown.
 2018-06-18 08:42:48 -07:00
Ville Brofeldt ccf211036d Bump Celery to 4.2.0 (#5222) 
* Downgrade celery and kombu

* Remove kombu from requirements.txt

* Pin kombu at 4.1.0

* Bump celery to 4.2.0
 2018-06-18 08:19:07 -07:00
Maxime Beauchemin d2bc4ece3e
Bump celery to 4.1.1 (#5134) 
* Bump celery to 4.1.1

Docs reference `celery worker --app=superset.sql_lab:celery_app
--pool=gevent -Ofair` command which seems only to work with Celery 4.1.1

* Add UPDATING.md message
 2018-06-04 14:54:36 -07:00
Maxime Beauchemin ffd65ce623
Pin FAB to 1.10.0 (#5133) 
Related to
https://github.com/apache/incubator-superset/issues/5088#issuecomment-394064133
 2018-06-04 09:03:30 -07:00
Maxime Beauchemin f6117973e9
Bump dep on pydruid to 0.4.3 (#5098) 2018-05-30 09:15:10 -07:00
Maxime Beauchemin ce0011e5fc
Add missing dep on contextlib2 (#5027) 2018-05-21 13:19:07 -07:00
Maxime Beauchemin 2ba929ac9e Fix flask<1.0.0 
Made a mistake originally, meant to flask<1.0.0
 2018-05-16 18:37:14 -05:00
Maxime Beauchemin 2c5200affd
[deps] force flask<=1.0.0 (#4959) 
flask 1.0 came out and has backwards incompatible changes. People
are reporting that fresh install doesn't work anymore.

fixes https://github.com/apache/incubator-superset/issues/4953

We should ship a 0.25.1 with this in
 2018-05-13 11:16:09 -07:00
Maxime Beauchemin 45ffed9976
Move from deprecated flask-cache to flask-caching (#4944) 
It appears the officially maintained fork of flask-cache is
flask-caching https://github.com/sh4nks/flask-caching . It is fully
compatible with flask-cache.
 2018-05-07 23:18:46 -07:00
Maxime Beauchemin 590e3462d6
Fix 'pip install .' (#4856) 
* Fix 'pip install .'

Fix error :
> flask-appbuilder 1.10.0 has requirement Flask-SQLAlchemy==2.1,
> but you'll have flask-sqlalchemy 2.3.2 which is incompatible.
> botocore 1.10.5 has requirement python-dateutil<2.7.0,>=2.1, but you'll
> have python-dateutil 2.7.2 which is incompatible.

* remove flask-sqlalchemy==2.1 from reqs.txt
 2018-04-23 08:16:22 -07:00
John Bodley 44c2d5bdab
[setup] Dropping 3.4 and adding 3.6 (#4835) 
* [setup] Dropping 3.4 and 3.6

* Update tox.ini

* Update .travis.yml
 2018-04-17 21:30:12 -07:00
Beto Dealmeida fd84fd89ce RFC: add logger that logs into browser console (#4702) 
* Option for logging into browser console

* Move import

* Add lint req

* Add docs, use Flask logger
 2018-04-12 21:48:17 -07:00
John Bodley 1627fd096b
[travis/tox] Restructuring configuration (#4552) 2018-04-10 15:59:44 -07:00
John Bodley 68bfcefb27 [flask-appbuilder] Bumping version to 1.10.0 (#4603) 2018-04-02 21:35:10 -07:00
John Bodley b3442a7b53
[cli] Deprecating gunicorn/flower dependencies (#4451) 2018-03-30 09:28:16 -07:00
Maxime Beauchemin b24a6fd4b5
Fix setup.py, comma makes download_url a tuple (#4676) 2018-03-23 11:21:19 -07:00
John Bodley 3fbadd68a4 [code-climate] Deprecating Code Climate from JavaScript tests 2018-03-08 22:40:08 -08:00
Maxime Beauchemin d817b8ddbb
Setting up compression using flask-compress (#4543) 2018-03-06 21:19:29 -08:00
John Bodley b01a9bba1f [setup] Fixing URLs 2018-03-05 13:06:08 -08:00
timifasubaa 404e2d552a fixes to csv - hive upload (#4488) 2018-02-27 22:13:06 -08:00
John Bodley d57a37e341 [flake8] Adding flake8-coding (#4477) 2018-02-25 15:06:11 -08:00
John Bodley e112e4417c [flake8] Adding future-import check (#4476) 2018-02-23 16:42:09 -08:00
Maxime Beauchemin 5c35a2d210
A collection of bug fixes (#4444) 2018-02-20 14:41:35 -08:00
David Dworken 4ff17ffc8d Fix 4 security vulnerabilities (#4390) 
* Switched yaml.load to yaml.safe_load to prevent code execution via crafted yaml files

Python's yaml.laod can lead to code execution via crafted yaml files such as:

```
code_exec: !!python/object/apply:subprocess.check_output ['ls']
```

* Fixed XSS via bleach

It was possible to get an XSS via the markdown library via simply setting a description containing arbitary HTML tags.
It was also possible to create links that went to the `javascript:` link handler (eg `[example](javascript:alert(0)`)
Using bleach to sanitize it solves both of these.

* Added XFO header by default to prevent clickjacking attacks

Note that with this application clickjacking can be relatively severe via the SQLLab functionality
which allows executing arbitary SQL.

* Added justification for dangerouslySetInnerHTML

* Fixed linting errors

* Fixed linting errors
 2018-02-09 14:33:29 -08:00
Maxime Beauchemin 0480fa0121
Bump pydruid to 0.4.1 (#4377) 2018-02-07 16:45:44 -08:00
Maxime Beauchemin 803738436e
Bump python dependencies (#4341) 
* Bump python dependencies

* Fix conflict
 2018-02-07 14:32:29 -08:00
Maxime Beauchemin d41418eaa0
Bump pyrdruid to 0.4.0 (#4325) 2018-02-03 19:48:38 -08:00
Riccardo Magliocchetti 1b06140bde Bump sqlalchemy to 1.2.2 (#4299) 
* Bump sqlalchemy to 1.2.2

Fix #4196

* Bump sqlalchemy-utils to 0.32.21
 2018-01-28 09:32:41 -08:00
Maxime Beauchemin 718230cdf2
Bump flower==0.9.2 (#4263) 2018-01-23 10:15:10 -08:00
John Bodley d57012067b [FAB] configuring updating of permissions (#4172) 2018-01-08 14:39:18 -08:00
Maxime Beauchemin 45686a1af6
Multi layers DECK.GL visualization (#4096) 
* Multi layers DECK.GL viz

* Fix tests

* rebasing

* Fix error handling in chartActions

* Addressing comments
 2017-12-26 10:47:29 -08:00
Maxime Beauchemin e4903e6dc6
[geo] add support for deck.gl's path layer (#4067) 
* [geo] add support for deck.gl's path layer

Works with json and polyline data.

* Lint
 2017-12-19 12:38:03 -08:00
Maxime Beauchemin ec752b1378
[geo] provide more flexible Spatial controls (#4032) 
Before this PR the only way to query lat/long is in the shape of 2
columns that contains lat and long.

Now we're adding 2 more options:
* a single column that has lat and long with a delimiter in between
* support for geohashes - geohashes are cool
 2017-12-15 11:47:27 -08:00
Maxime Beauchemin 23c834f04e
Fix the pypi build (#4047) 2017-12-12 18:12:26 -08:00
rumbin e98a1c3537 asciifying http header for csv download; fixes #3952 (#3975) 
* asciifying http header for csv download; fixes #3952

* fixed order of imports and added unidecode to requirements in setup.py
 2017-12-05 12:04:58 -08:00
fabianmenges 72627b1761 Adding YAML Import-Export for Datasources to CLI (#3978) 
* Adding import and export for databases

* Linting
 2017-12-05 11:14:52 -08:00
John Bodley ac57780607 [flake8] Resolving Q??? errors (#3847) 2017-11-13 21:06:51 -08:00
王洁玉 7fce8eab3a Update setup.py (#3510) 2017-11-11 21:51:53 -08:00
John Bodley ba96984048 [flake8] Resolving E3?? errors (#3814) 2017-11-10 17:52:34 -08:00
Maxime Beauchemin 591e5ec32e Bump celery to 4.1.0 (#3831) 
* Bump celery to 4.1.0

* Also bumping boto3 to allow for celery 4 on SQS
 2017-11-10 16:28:56 -08:00
John Bodley 1ea4521d0c [flake8] Resolving E7?? errors (#3816) 2017-11-09 20:23:59 -08:00
John Bodley e2bca47421 [flake8] Resolve I??? errors (#3797) 2017-11-07 20:23:40 -08:00
Riccardo Magliocchetti 8773e32cd6 setup: bump pandas to 0.20.3 (#3506) 2017-09-27 19:50:06 -07:00
timifasubaa d7fc364ff4 Fix idna requirement (#3497) 
There is often conflicting versions of idna. This fixes is to 2.5.
 2017-09-19 21:30:18 -07:00
Riccardo Magliocchetti 3dfdde130a setup: Bump sqlalchemy-utils to 0.32.16 (#3405) 
Now sqlalchemy-utils will make explicit that we are trying
decoding the secret with the wrong key instead of a generic
UnicodeDecodeError.

Fix #2600
 2017-09-01 08:30:48 -07:00
Maxime Beauchemin c5b1eb7f5b Bump fab to 1.9.4 (#3364) 
Important bug/security fixes detailed here:
https://github.com/dpgaspar/Flask-AppBuilder/blob/master/docs/versions.rst
 2017-08-24 08:08:29 -07:00