* Added spec for Dremio
* Installation instructions for Dremio
* added dependency for dremio
* Update dremio.py
* ASF header, dttm, set min version in setup.py
* Update installation.rst
* Update installation.rst
* fix tox 'Title underline too short.'
* change URI example
Co-authored-by: Naren <41924335+naren-dremio@users.noreply.github.com>
* First cut at app factory
* Setting things back to master
* Working with new FLASK_APP
* Still need to refactor Celery
* CLI mostly working
* Working on unit tests
* Moving cli stuff around a bit
* Removing get in config
* Defaulting test config
* Adding flask-testing
* flask-testing casing
* resultsbackend property bug
* Fixing up cli
* Quick fix for KV api
* Working on save slice
* Fixed core_tests
* Fixed utils_tests
* Most tests working - still need to dig into remaining app_context issue in tests
* All tests passing locally - need to update code comments
* Fixing dashboard tests again
* Blacking
* Sorting imports
* linting
* removing envvar mangling
* blacking
* Fixing unit tests
* isorting
* licensing
* fixing mysql tests
* fixing cypress?
* fixing .flaskenv
* fixing test app_ctx
* fixing cypress
* moving manifest processor around
* moving results backend manager around
* Cleaning up __init__ a bit more
* Addressing PR comments
* Addressing PR comments
* Blacking
* Fixes for running celery worker
* Tuning isort
* Blacking
* Fix version info
Ran into Cypress issues while getting too ambitious in #8157
this is a simplified more targeted version of it
* include package.json (but not under static/)
* use package.json as single source of truth for version info
* typo
* Fix to werkzeug proxy; expose additional configuration items
* Forced to all x-forwarded configurations ON; black done
* added comments related to x_port after testing
* Updated UPDATING.md
* Removed accidental notebook; added *.ipynb to gitignore
* Delete Untitled-checkpoint.ipynb
* Add support for msgpack results_backend serialization
* Serialize DataFrame with PyArrow rather than JSON
* Adjust dependencies, de-lint
* Add tests for (de)serialization methods
* Add MessagePack config info to Installation docs
* Enable msgpack/arrow serialization by default
* [Fix] Prevent msgpack serialization on synchronous queries
* Add type annotations
* [database] Fix, Removes the limit for the page size, Bump FAB to 2.1.8
Old FAB API had no limits by default, this will keep this behaviour
but only for this endpoint
* [sqllab] Add test for database API
* [sqllab] Add test for database API
* [sqllab] Include page zero on request
* [sqllab] Fix, Black and requirements
* [sqllab] Make database API return unlimited results
* [sqllab] just a test
* [sqllab] Bump FAB to 2.1.9
* [sqllab] Remove unused import
* 7620: Start removing dependencies on requests
* Patch urllib.request.urlopen instead of requests.get
* Try to fix flake8
* More work on flake8 import errors
* First attempt at using urllib with cookies
* Fix pylint/flake8
* Fix test_deliver_slice_csv_attachment
* Fix test_deliver_slice_csv_inline
* Import requests and pydruid conditionally, remove dependency on prison
* Fix flake errors
* Fix load_examples
* Please flake
* Skip tests depending on optional deps
* Try to please flake
* Address review comments
* Remove Druid-related UI
* Revert "Remove Druid-related UI"
This reverts commit d7e0f166cc3f3dd2496b4a666e177f0c191aeb0f.
* Skip a few tests more
* Put imports in right order
* Apply black patch
* Please flake
* Please black, silence flake
* Use flake8 silencing the right way
* Add deps for CI
* Bump requirements.txt
* Cap gunicorn to <19.9.0 due to X-Forwarded-Proto regression
* Remove python-dotenv from requirements-dev.txt
* Cap sqlparse due to regression in 0.3.0
* Add extra_require for bigquery to setup.py
* Refactor df_to_db and add df upload capability for BigQuery
* Fix unit tests and clarify kwarg logic
* Fix flake8 errors
* Add minimum versions for bigquery dependencies
* wrap to_gbq in try-catch block and raise error if pandas-gbq is missing
* Fix linting error and make error more generic
After the following PyDruid change (contained in version 0.5.2)
the Superset Histogram charts rendered with Druid data are
broken:
druid-io/pydruid@0a59a70
Bump the pydruid requirements accordingly in setup.py
Issue: apache#7368
* Bump FAB to 2.0.0
* [tests] whitelist SecurityApi login and refresh endpoints
* [style] Fix, C812 missing trailing commas
* [security] Remove SUPERSET_UPDATE_PERMS flag
Registering sources needs to be performed after the views are
initialized on UPDATE_PERMS=False configuration
* [docs] New, FAB_UPDATE_PERMS and flask fab cli
* [docs] Fix, db upgrade needs to come first, create-admin needs a db
* [cli] New, superset init bootstraps all permissions for FAB and Superset
* [style] Fix, flakes
Package maintainers should really never delete packages, but it appears
this happened with croniter and resulted in breaking our builds.
This PR bumps to a more recent existing version of the library
* Bump sqla to >=1.3.1
* Refine mssql column types to only use N-prefixing when necessary
* make join explicit
* replace set with list
* Add additional test case for N-prefix
* Replace engine with dialect and fix linting error
* Remove unneeded import
* Bump FAB to 1.12.5
* [requirements] New dependency pyJWT added on FAB 1.12.4 for OAuth redirect
* [requirements] Fix, pip-tools bump to 3.5.0 related to #714
* Making thrift, pyhive and tableschema as extra_requires
Looking at the dependency tree for license related questions, I noticed
that tableschema had a huge tree, and only people running Hive really
need it. Making this as well as pyhive and thrift optional.
Also bumping some python dependencies
* Run pip-compile
* Removing refs to past.builtins (from future lib)
* Add thrift
* Fix: updated required cryptography version to 2.4.2 to resolve#6509
* Fix: updated cryptography version to 2.4.2 to resolve#6509
* Fix: updated cryptography version to 2.4.2 to resolve#6509
* Revert "Fix: updated required cryptography version to 2.4.2 to resolve#6509"
This reverts commit b57b08c8e5.
* Fix: updated cryptography version to 2.4.2
* [scheduled reports] Add support for scheduled reports
* Scheduled email reports for slice and dashboard visualization
(attachment or inline)
* Scheduled email reports for slice data (CSV attachment on inline table)
* Each schedule has a list of recipients (all of them can receive a single mail,
or separate mails)
* All outgoing mails can have a mandatory bcc - for audit purposes.
* Each dashboard/slice can have multiple schedules.
In addition, this PR also makes a few minor improvements to the celery
infrastructure.
* Create a common celery app
* Added more celery annotations for the tasks
* Introduced celery beat
* Update docs about concurrency / pools
* [scheduled reports] - Debug mode for scheduled emails
* [scheduled reports] - Ability to send test mails
* [scheduled reports] - Test email functionality - minor improvements
* [scheduled reports] - Rebase with master. Minor fixes
* [scheduled reports] - Add warning messages
* [scheduled reports] - flake8
* [scheduled reports] - fix rebase
* [scheduled reports] - fix rebase
* [scheduled reports] - fix flake8
* [scheduled reports] Rebase in prep for merge
* Fixed alembic tree after rebase
* Updated requirements to latest version of packages (and tested)
* Removed py2 stuff
* [scheduled reports] - fix flake8
* [scheduled reports] - address review comments
* [scheduled reports] - rebase with master
* [build] fix pip install issues on OSX High Sierra
I think requirements.txt was out-of-sync as well.
Also had to:
export
LDFLAGS="-L/usr/local/opt/openssl/lib"
export
CPPFLAGS="-I/usr/local/opt/openssl/include"
export
PKG_CONFIG_PATH="/usr/local/opt/openssl/lib/pkgconfig"
* Fix click
* Deprecate support for Python < 3.6
This is a first step, beyond this we can:
* remove all from future imports
* remove 'six' lib as a dependency
* start using f-strings
* enjoy ourselves
* fix tox
* Rebasing
* fix
* Migrate flask_script to the Flask built-in click.
Flask 0.11 is the built-in integration of the click command line interface.
Flask-Migrate support for the new Flask CLI based on Click after Release 2.0.0.
* Resolved merge conflicts.
* Fixed issue introduced from bad merge.
* Fixed flake8 errors, added build to excluded flake8 stuff.
* * Moved the FlaskGroup declaration to the driver script.
* Moved shell context definition to cli.py
* Switched shell context definition to use decorator.
* Moved create_app definition to cli.py
* Fixed InvocationError with a wrapped function
* Added extra newlines between functions
* Removed flask-script dependency.
Moving to using Twine to upload to pypi and fixing up the markdown
support so that the page on Pypi looks like the README on Github.
This has been tested on the 0.26 branch starting 0.26.3
When receiving a VARBINARY field out of Presto, it shows up as type
`bytes` out of the pyhive driver. Then the pre 3.15 version of
simplejson attempts to convert it to utf8 by default and it craps out.
I bumped to simplejson>=3.25.0 and set `encoding=None` as documented
here
https://simplejson.readthedocs.io/en/latest/#basic-usage so that we can
handle bytes on our own.
* Bump celery to 4.1.1
Docs reference `celery worker --app=superset.sql_lab:celery_app
--pool=gevent -Ofair` command which seems only to work with Celery 4.1.1
* Add UPDATING.md message
It appears the officially maintained fork of flask-cache is
flask-caching https://github.com/sh4nks/flask-caching . It is fully
compatible with flask-cache.
* Fix 'pip install .'
Fix error :
> flask-appbuilder 1.10.0 has requirement Flask-SQLAlchemy==2.1,
> but you'll have flask-sqlalchemy 2.3.2 which is incompatible.
> botocore 1.10.5 has requirement python-dateutil<2.7.0,>=2.1, but you'll
> have python-dateutil 2.7.2 which is incompatible.
* remove flask-sqlalchemy==2.1 from reqs.txt
* Switched yaml.load to yaml.safe_load to prevent code execution via crafted yaml files
Python's yaml.laod can lead to code execution via crafted yaml files such as:
```
code_exec: !!python/object/apply:subprocess.check_output ['ls']
```
* Fixed XSS via bleach
It was possible to get an XSS via the markdown library via simply setting a description containing arbitary HTML tags.
It was also possible to create links that went to the `javascript:` link handler (eg `[example](javascript:alert(0)`)
Using bleach to sanitize it solves both of these.
* Added XFO header by default to prevent clickjacking attacks
Note that with this application clickjacking can be relatively severe via the SQLLab functionality
which allows executing arbitary SQL.
* Added justification for dangerouslySetInnerHTML
* Fixed linting errors
* Fixed linting errors
Before this PR the only way to query lat/long is in the shape of 2
columns that contains lat and long.
Now we're adding 2 more options:
* a single column that has lat and long with a delimiter in between
* support for geohashes - geohashes are cool
* [sqllab] improve Hive support
* Fix "Transport not open" bug
* Getting progress bar to show
* Bump pyhive to 0.4.0
* Getting [Track Job] button to show
* Fix testzz
* upgrade celery to 4.0.2
* using Redis for unit tests (sqla broker not supported in Celery 4)
* Setting Celery's soft_time_limit based on `SQLLAB_ASYNC_TIME_LIMIT_SEC` config
* Better error handling in async tasks
* Better statsd logging in async tasks
* show [pending/running] query status in Results tab
* systematically using sqla NullPool on worker (async) to limit number
of database connections
* [sqllab] assign types for visualize flow
Somehow when using the visualize flow, the types were not
assigned at all, creating some bugs downstream. This PR attempts to get
the information required based on what pandas is knows and the types in
the data itself.
* Fixing tests
* Fixing tests
* Fixing more tests
* Fixing the last py3 tests
* Support more filter operators
* more filter operators [>, <, >=, <=, ==, !=, LIKE]
* Fix need to escape/double `%` in LIKE clauses
* spinner while loading values when changing column
* datasource config elements to allow to applying predicates when
fetching filter values
* refactor
* Removing doubling parens
* rebasing
* Merging migrations