Product Research Enterprise Plans Docs

PyPi: Apache-Superset

CVE-2020-28477

Transitive

Safety vulnerability ID: 41791

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Jan 19, 2021 Updated at Nov 29, 2024

Scan your Python projects for vulnerabilities →

Advisory

Apache-superset 1.2.0 updates NPM packages for security fixes.
https://github.com/apache/superset/pull/13367

Affected package

apache-superset

Latest version: 4.1.1

A modern, enterprise-ready business intelligence web application

Affected versions

Fixed versions

Vulnerability changelog

**Features**
- [11498](https://github.com/apache/superset/pull/11498) feat(SIP-39): Websocket sidecar app (#11498) (Rob DiCiuccio)
- [13894](https://github.com/apache/superset/pull/13894) feat(alert/report): add ALERTS_ATTACH_REPORTS feature flags + feature (#13894) (Lily Kuang)
- [13828](https://github.com/apache/superset/pull/13828) feat(alert/report): chart as csv format attachment for email and slack (#13828) (Lily Kuang)
- [14235](https://github.com/apache/superset/pull/14235) feat(alert/report): update content format radio buttons (#14235) (Lily Kuang)
- [13752](https://github.com/apache/superset/pull/13752) feat(alerts & reports): Easier to read execution logs (#13752) (Jack Fragassi)
- [14076](https://github.com/apache/superset/pull/14076) feat(can_share): can share chart and dashboard (#14076) (Amit Miran)
- [13687](https://github.com/apache/superset/pull/13687) feat(cross-filter): Cross filter badge (#13687) (simcha90)
- [13625](https://github.com/apache/superset/pull/13625) feat(cross-filters): Add scoping for cross filters (#13625) (simcha90)
- [13523](https://github.com/apache/superset/pull/13523) feat(dashboard): dashboard/id/datasets endpoint (#13523) (David Aaron Suddjian)
- [13145](https://github.com/apache/superset/pull/13145) feat(dashboard_rbac): manage roles for dashboard (#13145) (simcha90)
- [13992](https://github.com/apache/superset/pull/13992) feat(dashboard_rbac): provide data access based on dashboard access (#13992) (Amit Miran)
- [14519](https://github.com/apache/superset/pull/14519) feat(dremio): implement convert_dttm method (#14519) (Ville Brofeldt)
- [13210](https://github.com/apache/superset/pull/13210) feat(explore): ColumnSelectControl with drag-and-drop (#13210) (Yongjie Zhao)
- [13598](https://github.com/apache/superset/pull/13598) feat(explore): Drag and drop UX improvements (#13598) (Kamil Gabryjelski)
- [13294](https://github.com/apache/superset/pull/13294) feat(explore): Postgres datatype conversion (#13294) (Nikola Gigić)
- [13758](https://github.com/apache/superset/pull/13758) feat(explore): adhoc column formatting for Table chart (#13758) (Jesse Yang)
- [14340](https://github.com/apache/superset/pull/14340) feat(filter-box): sort by metric on backend (#14340) (Ville Brofeldt)
- [13576](https://github.com/apache/superset/pull/13576) feat(filter-set): Filter set edge cases (#13576) (simcha90)
- [13529](https://github.com/apache/superset/pull/13529) feat(filter-set): Filter set history (#13529) (simcha90)
- [13545](https://github.com/apache/superset/pull/13545) feat(filter-set): Update existing filter set (#13545) (simcha90)
- [13515](https://github.com/apache/superset/pull/13515) feat(filter-set): adding new filters (#13515) (simcha90)
- [13678](https://github.com/apache/superset/pull/13678) feat(helm): Add optional apt-get install to superset_bootstrap.sh (#13678) (Daniel Wood)
- [14030](https://github.com/apache/superset/pull/14030) feat(helm): add pod and deployment annotations to template (#14030) (Bruno FERNANDO)
- [13683](https://github.com/apache/superset/pull/13683) feat(homescreen and cards): Toggle thumbnails off or on and feature flag (#13683) (Phillip Kelley-Dotson)
- [13726](https://github.com/apache/superset/pull/13726) feat(native-filters): Add default first value to select filter (#13726) (simcha90)
- [14461](https://github.com/apache/superset/pull/14461) feat(native-filters): Auto apply changes in FiltersConfigModal (#14461) (simcha90)
- [13507](https://github.com/apache/superset/pull/13507) feat(native-filters): Filter set tabs (#13507) (simcha90)
- [14313](https://github.com/apache/superset/pull/14313) feat(native-filters): Implement adhoc filters and time picker in Range and Select native filters (#14313) (Kamil Gabryjelski)
- [14261](https://github.com/apache/superset/pull/14261) feat(native-filters): Show/Hide filter bar by metdata ff (#14261) (simcha90)
- [13506](https://github.com/apache/superset/pull/13506) feat(native-filters): Update filter bar buttons (#13506) (simcha90)
- [14374](https://github.com/apache/superset/pull/14374) feat(native-filters): Use datasets in dashboard as default options for native filters (#14374) (Kamil Gabryjelski)
- [14314](https://github.com/apache/superset/pull/14314) feat(native-filters): add option to create value in select filter (#14314) (Ville Brofeldt)
- [14346](https://github.com/apache/superset/pull/14346) feat(native-filters): add optional sort metric to select filter (#14346) (Ville Brofeldt)
- [14375](https://github.com/apache/superset/pull/14375) feat(native-filters): add refresh button to default value picker (#14375) (Ville Brofeldt)
- [13569](https://github.com/apache/superset/pull/13569) feat(native-filters): add sort option to select filter (#13569) (Ville Brofeldt)
- [13622](https://github.com/apache/superset/pull/13622) feat(native-filters): add temporal support to select filter (#13622) (Ville Brofeldt)
- [13484](https://github.com/apache/superset/pull/13484) feat(native-filters): add timegrain and column filter (#13484) (Ville Brofeldt)
- [14312](https://github.com/apache/superset/pull/14312) feat(native-filters): add tooltip to control values (#14312) (Ville Brofeldt)
- [14217](https://github.com/apache/superset/pull/14217) feat(native-filters): select group by support (#14217) (Amit Miran)
- [13634](https://github.com/apache/superset/pull/13634) feat(reports): SLACK_API_TOKEN as callable or str (#13634) (ʈᵃᵢ)
- [13135](https://github.com/apache/superset/pull/13135) feat(reports): send notification on error with grace (#13135) (Daniel Vaz Gaspar)
- [13772](https://github.com/apache/superset/pull/13772) feat(rls): enable row level security by default (#13772) (Ville Brofeldt)
- [14197](https://github.com/apache/superset/pull/14197) feat(viz): add mixed and radar chart (#14197) (Ville Brofeldt)
- [13377](https://github.com/apache/superset/pull/13377) feat(viz): implement time picker on filter box (#13377) (Yongjie Zhao)
- [13144](https://github.com/apache/superset/pull/13144) feat: Add error pages (#13144) (Sam Faber-Manning)
- [14357](https://github.com/apache/superset/pull/14357) feat: Add etag caching to dashboard APIs (#14357) (Erik Ritter)
- [14110](https://github.com/apache/superset/pull/14110) feat: Add health endpoint to WebSocket server (#14110) (Ben Reinhart)
- [13190](https://github.com/apache/superset/pull/13190) feat: Added Rows Returned (#13190) (AAfghahi)
- [14109](https://github.com/apache/superset/pull/14109) feat: Adding encrypted field factory (#14109) (Craig Rueda)
- [14234](https://github.com/apache/superset/pull/14234) feat: Adding limiting_factor column to Query model (#14234) (AAfghahi)
- [14318](https://github.com/apache/superset/pull/14318) feat: Dynamic imports for the Icons component (#14318) (Geido)
- [13981](https://github.com/apache/superset/pull/13981) feat: FE: Export for Queries II (#13981) (Lyndsi Kay Williams)
- [14091](https://github.com/apache/superset/pull/14091) feat: FE: Import for Queries II (#14091) (Lyndsi Kay Williams)
- [13740](https://github.com/apache/superset/pull/13740) feat: Implement Celery SoftTimeLimit handling (#13740) (Lily Kuang)
- [13340](https://github.com/apache/superset/pull/13340) feat: Implement drag and drop columns for filters (#13340) (Kamil Gabryjelski)
- [13575](https://github.com/apache/superset/pull/13575) feat: Implement drag and drop for metrics (#13575) (Kamil Gabryjelski)
- [13521](https://github.com/apache/superset/pull/13521) feat: Logic added to limiting factor column in Query model (#13521) (AAfghahi)
- [14007](https://github.com/apache/superset/pull/14007) feat: Make async query JWT cookie domain configurable (#14007) (Ben Reinhart)
- [12862](https://github.com/apache/superset/pull/12862) feat: Make initial user configurable in helm chart (#12862) (Andreas Eberle)
- [13696](https://github.com/apache/superset/pull/13696) feat: Refactor asyncEvent middleware and add websocket support (#13696) (Rob DiCiuccio)
- [14256](https://github.com/apache/superset/pull/14256) feat: Setup `supersetText` configuration to overwrite errors (#14256) (Hugh A. Miles II)
- [14398](https://github.com/apache/superset/pull/14398) feat: Support env vars configuration for WebSocket server (#14398) (Ben Reinhart)
- [14008](https://github.com/apache/superset/pull/14008) feat: Support feature flag overrides in ephemeral test envs (#14008) (Rob DiCiuccio)
- [14122](https://github.com/apache/superset/pull/14122) feat: TrinoEngineSpec.adjust_database_uri (#14122) (Đặng Minh Dũng)
- [13662](https://github.com/apache/superset/pull/13662) feat: add 'extra' column to saved_queries GET (#13662) (Maxime Beauchemin)
- [13682](https://github.com/apache/superset/pull/13682) feat: add Databricks DB engine spec (#13682) (Beto Dealmeida)
- [14072](https://github.com/apache/superset/pull/14072) feat: add Echarts gauge chart (#14072) (krsnik93)
- [13584](https://github.com/apache/superset/pull/13584) feat: add ErrorBoundary to chart controls (#13584) (Jesse Yang)
- [14267](https://github.com/apache/superset/pull/14267) feat: add alerts & reports to docker compose (#14267) (Daniel Vaz Gaspar)
- [13152](https://github.com/apache/superset/pull/13152) feat: add connector for CrateDB (#13152) (Srini Kadamati)
- [13827](https://github.com/apache/superset/pull/13827) feat: add descriptions to report emails (#13827) (Sam Faber-Manning)
- [14208](https://github.com/apache/superset/pull/14208) feat: add endpoint to fetch available DBs (#14208) (Beto Dealmeida)
- [13468](https://github.com/apache/superset/pull/13468) feat: add event_logger to test_connection and create_database commands (#13468) (Hugh A. Miles II)
- [13997](https://github.com/apache/superset/pull/13997) feat: add extract_errors to Postgres (#13997) (Beto Dealmeida)
- [13586](https://github.com/apache/superset/pull/13586) feat: add more big data for testing (#13586) (Beto Dealmeida)
- [13448](https://github.com/apache/superset/pull/13448) feat: add option to load big/wide tables (#13448) (Beto Dealmeida)
- [13364](https://github.com/apache/superset/pull/13364) feat: add unit test for LimitMethod.FETCH_MANY (#13364) (Beto Dealmeida)
- [13606](https://github.com/apache/superset/pull/13606) feat: add warning metadata to tables and metrics (#13606) (Erik Ritter)
- [13610](https://github.com/apache/superset/pull/13610) feat: added support to configure the default explorer viz (#13610) (cccs-jc)
- [13601](https://github.com/apache/superset/pull/13601) feat: better error message when adding DBs (#13601) (Beto Dealmeida)
- [14250](https://github.com/apache/superset/pull/14250) feat: catch errors on do_ping (#14250) (Beto Dealmeida)
- [13893](https://github.com/apache/superset/pull/13893) feat: create backend routes and API for importing saved queries (#13893) (AAfghahi)
- [13487](https://github.com/apache/superset/pull/13487) feat: create hooks to redux component (#13487) (AAfghahi)
- [13871](https://github.com/apache/superset/pull/13871) feat: create table with long name (#13871) (Beto Dealmeida)
- [14172](https://github.com/apache/superset/pull/14172) feat: error messages for Presto connections (#14172) (Beto Dealmeida)
- [14093](https://github.com/apache/superset/pull/14093) feat: error messages when connecting to MSSQL (#14093) (Beto Dealmeida)
- [14171](https://github.com/apache/superset/pull/14171) feat: error messages when connecting to mssql (#14171) (AAfghahi)
- [14040](https://github.com/apache/superset/pull/14040) feat: handle chart/data API errors (#14040) (Erik Ritter)
- [14204](https://github.com/apache/superset/pull/14204) feat: improve engine spec discoverability (#14204) (Beto Dealmeida)
- [13960](https://github.com/apache/superset/pull/13960) feat: initial work to make v1 API compatible with SIP-40 and SIP-41 (#13960) (Beto Dealmeida)
- [14146](https://github.com/apache/superset/pull/14146) feat: invalid DB name error messages (MySQL/Postgres/Redshift) (#14146) (AAfghahi)
- [14089](https://github.com/apache/superset/pull/14089) feat: invalid hostname and password error messages (MySQL) (#14089) (AAfghahi)
- [14111](https://github.com/apache/superset/pull/14111) feat: invalid hostname and password error messages (Redshift) (#14111) (AAfghahi)
- [14038](https://github.com/apache/superset/pull/14038) feat: invalid password error message (Postgres) (#14038) (Beto Dealmeida)
- [13862](https://github.com/apache/superset/pull/13862) feat: only send alert error emails to owners of the alert (#13862) (Sam Faber-Manning)
- [14163](https://github.com/apache/superset/pull/14163) feat: publish superset helm chart (#14163) (jawabuu)
- [13441](https://github.com/apache/superset/pull/13441) feat: refactor on DBEventLogger to allow for context management (#13441) (Hugh A. Miles II)
- [14092](https://github.com/apache/superset/pull/14092) feat: restyle database modal (#14092) (Elizabeth Thompson)
- [13561](https://github.com/apache/superset/pull/13561) feat: script to benchmark DB migrations (#13561) (Beto Dealmeida)
- [13720](https://github.com/apache/superset/pull/13720) feat: sort time grain configs (#13720) (Elizabeth Thompson)
- [13743](https://github.com/apache/superset/pull/13743) feat: use cross-env when running dev-server (#13743) (Cemre Mengu)

**Fixes**
- [13585](https://github.com/apache/superset/pull/13585) fix antd select dropdown issue (#13585) (Lily Kuang)
- [14369](https://github.com/apache/superset/pull/14369) fix error getting partitionQuery from table.partition (#14369) (eriendeng)
- [13878](https://github.com/apache/superset/pull/13878) fix(#13378): Ensure g.user is set for impersonation (13878) (Ben Reinhart)
- [13756](https://github.com/apache/superset/pull/13756) fix(CI): use presto docker image from starburst (#13756) (Jesse Yang)
- [13718](https://github.com/apache/superset/pull/13718) fix(alerts and reports): Unify timestamp format on execution log view (#13718) (Jack Fragassi)
- [13436](https://github.com/apache/superset/pull/13436) fix(alerts&reports): add celery soft timeout support (#13436) (Daniel Vaz Gaspar)
- [13911](https://github.com/apache/superset/pull/13911) fix(alerts/reports): working timeout with celery kill and logic fix (#13911) (Daniel Vaz Gaspar)
- [14483](https://github.com/apache/superset/pull/14483) fix(annotations): pass force param to annotation request (#14483) (Ville Brofeldt)
- [14526](https://github.com/apache/superset/pull/14526) fix(chart-data): handle url_params in csv export and native filters (#14526) (Ville Brofeldt)
- [13945](https://github.com/apache/superset/pull/13945) fix(colors): fix color schemes (#13945) (simcha90)
- [14063](https://github.com/apache/superset/pull/14063) fix(country-map): update geojson and control layout (#14063) (Jesse Yang)
- [13665](https://github.com/apache/superset/pull/13665) fix(cross-filter): fix scheme py (#13665) (simcha90)
- [14220](https://github.com/apache/superset/pull/14220) fix(cross-filters): Fix missed metadata (#14220) (simcha90)
- [13692](https://github.com/apache/superset/pull/13692) fix(cross-filters): add a control panel to range filter (#13692) (Ville Brofeldt)
- [13703](https://github.com/apache/superset/pull/13703) fix(cross-filters): expand relevant indicator sections (#13703) (Ville Brofeldt)
- [13704](https://github.com/apache/superset/pull/13704) fix(cross-filters): only apply filters if ff is set (#13704) (Ville Brofeldt)
- [13825](https://github.com/apache/superset/pull/13825) fix(cypress): avoid referencing detached dom nodes (#13825) (David Aaron Suddjian)
- [14306](https://github.com/apache/superset/pull/14306) fix(dashboard): Add caching for dashboard datasets (#14306) (David Aaron Suddjian)
- [13352](https://github.com/apache/superset/pull/13352) fix(dashboard): Get dashboard by slug (#13352) (David Aaron Suddjian)
- [14207](https://github.com/apache/superset/pull/14207) fix(dashboard): draft dashboards should be viewable (#14207) (Jesse Yang)
- [14129](https://github.com/apache/superset/pull/14129) fix(dashboard): filter set hydration not working (#14129) (Ville Brofeldt)
- [14148](https://github.com/apache/superset/pull/14148) fix(dashboard): incorrect perm for users with multiple roles (#14148) (Jesse Yang)
- [13691](https://github.com/apache/superset/pull/13691) fix(dashboard): missing parents in directPathToFilter (#13691) (Ville Brofeldt)
- [13769](https://github.com/apache/superset/pull/13769) fix(dashboard): rename native filter configuration property (#13769) (Ville Brofeldt)
- [13652](https://github.com/apache/superset/pull/13652) fix(datasets): log create exceptions as warning (#13652) (ʈᵃᵢ)
- [14295](https://github.com/apache/superset/pull/14295) fix(db2): change name and add legacy alias (#14295) (Ville Brofeldt)
- [14362](https://github.com/apache/superset/pull/14362) fix(emotion): add separate namespace for menu app (#14362) (ʈᵃᵢ)
- [13826](https://github.com/apache/superset/pull/13826) fix(errors): Downgrade error on stop query to a warning (#13826) (Will Barrett)
- [13621](https://github.com/apache/superset/pull/13621) fix(explore): Add int and bool regex pattern (#13621) (Nikola Gigić)
- [14194](https://github.com/apache/superset/pull/14194) fix(explore): CUSTOM SQL tab should automatically update (#14194) (Yaozong Liu)
- [13566](https://github.com/apache/superset/pull/13566) fix(explore): make horizontal scroll appears in data panel (#13566) (Yaozong Liu)
- [13473](https://github.com/apache/superset/pull/13473) fix(explore): make sure sort by metric is not duplicated (#13473) (Jesse Yang)
- [13801](https://github.com/apache/superset/pull/13801) fix(explore): strip semicolons in virtual table SQL (#13801) (Phillip Kelley-Dotson)
- [13613](https://github.com/apache/superset/pull/13613) fix(helm): Add missing extraConfigs template volume mapping and fix type error on template. (#13613) (Daniel Wood)
- [14255](https://github.com/apache/superset/pull/14255) fix(hive): Update CSV to Hive upload prefix (#14255) (John Bodley)
- [14240](https://github.com/apache/superset/pull/14240) fix(hive): Use parquet rather than textfile when uploading CSV files to Hive (#14240) (John Bodley)
- [13906](https://github.com/apache/superset/pull/13906) fix(listview): update listview feature flag (#13906) (Phillip Kelley-Dotson)
- [14332](https://github.com/apache/superset/pull/14332) fix(native-filters): Fix first loading of charts (#14332) (simcha90)
- [14334](https://github.com/apache/superset/pull/14334) fix(native-filters): Fix indicators (#14334) (simcha90)
- [14370](https://github.com/apache/superset/pull/14370) fix(native-filters): Update filter saving (#14370) (simcha90)
- [13837](https://github.com/apache/superset/pull/13837) fix(native-filters): add global async query support to native filters (#13837) (Ville Brofeldt)
- [14353](https://github.com/apache/superset/pull/14353) fix(native-filters): allowClear only when required not checked (#14353) (Ville Brofeldt)
- [14409](https://github.com/apache/superset/pull/14409) fix(native-filters): always show filters without dataset (#14409) (Ville Brofeldt)
- [14401](https://github.com/apache/superset/pull/14401) fix(native-filters): default value not populated on second opening (#14401) (Ville Brofeldt)
- [14426](https://github.com/apache/superset/pull/14426) fix(native-filters): fix filter scope error (#14426) (Ville Brofeldt)
- [14387](https://github.com/apache/superset/pull/14387) fix(native-filters): fix lint (#14387) (simcha90)
- [14218](https://github.com/apache/superset/pull/14218) fix(native-filters): fix remove native filters (#14218) (simcha90)
- [13688](https://github.com/apache/superset/pull/13688) fix(native-filters): fix removing native filter (#13688) (simcha90)
- [14385](https://github.com/apache/superset/pull/14385) fix(native-filters): force update control value on change (#14385) (Ville Brofeldt)
- [13794](https://github.com/apache/superset/pull/13794) fix(native-filters): improve loading styles for filter component (#13794) (Ville Brofeldt)
- [14244](https://github.com/apache/superset/pull/14244) fix(native-filters): merge_extra_form_data extras processing (#14244) (Ville Brofeldt)
- [13434](https://github.com/apache/superset/pull/13434) fix(query): order by adhoc metrics should trigger group by (#13434) (Jesse Yang)
- [13331](https://github.com/apache/superset/pull/13331) fix(query-object): extra time-range-endpoints (#13331) (John Bodley)
- [14014](https://github.com/apache/superset/pull/14014) fix(sqla): apply sqla type on calculated columns (#14014) (Ville Brofeldt)
- [14095](https://github.com/apache/superset/pull/14095) fix(sqla): labels_expected contains mutated label (#14095) (Ville Brofeldt)
- [14297](https://github.com/apache/superset/pull/14297) fix(sqla): timeseries limit not applied when using columns (#14297) (Ville Brofeldt)
- [13739](https://github.com/apache/superset/pull/13739) fix(sqla-query): order by aggregations in Presto and Hive (#13739) (Jesse Yang)
- [13636](https://github.com/apache/superset/pull/13636) fix(sqllab): Table name and schema are encoded twice during fetching table metadata on SQL Lab page. (#13636) (Dmytro Mudrov)
- [14390](https://github.com/apache/superset/pull/14390) fix(sqllab): fix error due to anonymous user (#14390) (Ville Brofeldt)
- [13288](https://github.com/apache/superset/pull/13288) fix(sqllab): per-tab hide left bar (#13288) (Beto Dealmeida)
- [13841](https://github.com/apache/superset/pull/13841) fix(sqllab): warning message when rows limited (#13841) (zuzana-vej)
- [14045](https://github.com/apache/superset/pull/14045) fix(viz): bump superset-ui 0.17.30 (#14045) (Ville Brofeldt)
- [14438](https://github.com/apache/superset/pull/14438) fix(viz): bump superset-ui to fix bugs in table and graph chart (#14438) (Jesse Yang)
- [14191](https://github.com/apache/superset/pull/14191) fix(viz): time shift read-only error (#14191) (Ville Brofeldt)
- [13657](https://github.com/apache/superset/pull/13657) fix: 'Run in SQL Lab' redirect bug (#13657) (Maxime Beauchemin)
- [13444](https://github.com/apache/superset/pull/13444) fix: API to allow importing old exports (JSON/YAML) (#13444) (Beto Dealmeida)
- [14180](https://github.com/apache/superset/pull/14180) fix: Add extra requires for shillelagh (#14180) (Erik Ritter)
- [14192](https://github.com/apache/superset/pull/14192) fix: Center each import icon and add a tooltip II (#14192) (Lyndsi Kay Williams)
- [13859](https://github.com/apache/superset/pull/13859) fix: Check for permissions in FilterBox (#13859) (Erik Ritter)
- [14317](https://github.com/apache/superset/pull/14317) fix: Cleanup serialization and hashing code (#14317) (Ben Reinhart)
- [13972](https://github.com/apache/superset/pull/13972) fix: Data table z index in sql Editor (#13972) (AAfghahi)
- [13749](https://github.com/apache/superset/pull/13749) fix: Disallows negative options remaining (#13749) (Michael S. Molina)
- [14291](https://github.com/apache/superset/pull/14291) fix: Fix unintended cache misses with async queries (#14291) (Ben Reinhart)
- [14086](https://github.com/apache/superset/pull/14086) fix: Fixed saved query export (#14086) (Lyndsi Kay Williams)
- [13858](https://github.com/apache/superset/pull/13858) fix: Floating Menu in SQL Left Bar (#13858) (AAfghahi)
- [14147](https://github.com/apache/superset/pull/14147) fix: Handle bad permission errors for bigquery test connections (#14147) (Hugh A. Miles II)
- [13980](https://github.com/apache/superset/pull/13980) fix: Issue 13956 (#13980) (John Bodley)
- [13602](https://github.com/apache/superset/pull/13602) fix: ParsedQuery subselect edge case (#13602) (Erik Ritter)
- [13987](https://github.com/apache/superset/pull/13987) fix: Pie chart not displayed in viz (#13987) (Yongjie Zhao)
- [13852](https://github.com/apache/superset/pull/13852) fix: Pin Prophet dependency after breaking changes (#13852) (Étienne Boisseau-Sierra)
- [13469](https://github.com/apache/superset/pull/13469) fix: Remove view in sql lab from druid datasources (#13469) (Erik Ritter)
- [13464](https://github.com/apache/superset/pull/13464) fix: SHOW is not DML (#13464) (Beto Dealmeida)
- [13946](https://github.com/apache/superset/pull/13946) fix: SQL -> Explore Overwrite flow (#13946) (Hugh A. Miles II)
- [14358](https://github.com/apache/superset/pull/14358) fix: SQL Statement on QUERY_LOGGER prints none to log (#14358) (cccs-rc)
- [14372](https://github.com/apache/superset/pull/14372) fix: SQLLab role permissions (#14372) (Daniel Vaz Gaspar)
- [13655](https://github.com/apache/superset/pull/13655) fix: Slack dashboard has stale charts (#13655) (Beto Dealmeida)
- [14170](https://github.com/apache/superset/pull/14170) fix: Switching to local codecov script (#14170) (Craig Rueda)
- [13974](https://github.com/apache/superset/pull/13974) fix: Use superset generic db to catch external_metadata queries (#13974) (Hugh A. Miles II)
- [13830](https://github.com/apache/superset/pull/13830) fix: Use utils.json_iso_dttm_ser to dump jsons when async query execution (#13830) (Carlos Fidel Selva Ochoa)
- [13496](https://github.com/apache/superset/pull/13496) fix: `IS NULL` filter operator for numeric columns (#13496) (Jesse Yang)
- [14036](https://github.com/apache/superset/pull/14036) fix: add exception to catch session not having JWT (#14036) (Hugh A. Miles II)
- [13822](https://github.com/apache/superset/pull/13822) fix: adjusted tab height (#13822) (AAfghahi)
- [13488](https://github.com/apache/superset/pull/13488) fix: allow option to generate new query (#13488) (Elizabeth Thompson)
- [13800](https://github.com/apache/superset/pull/13800) fix: allow spaces in DB names (#13800) (Beto Dealmeida)
- [13563](https://github.com/apache/superset/pull/13563) fix: always pass a string as a value to ace editor (#13563) (Elizabeth Thompson)
- [12341](https://github.com/apache/superset/pull/12341) fix: annotation layer modal err handling (#12341) (Moriah Kreeger)
- [13969](https://github.com/apache/superset/pull/13969) fix: annotation modal dateRangePicker saved invalid value (#13969) (Yongjie Zhao)
- [13790](https://github.com/apache/superset/pull/13790) fix: bad copy-and-paste in API spec (#13790) (Beto Dealmeida)
- [13578](https://github.com/apache/superset/pull/13578) fix: better handle datasource exceptions (#13578) (Daniel Vaz Gaspar)
- [13642](https://github.com/apache/superset/pull/13642) fix: bump FAB to 3.2.1, SQLAlchemy fix (#13642) (Daniel Vaz Gaspar)
- [13868](https://github.com/apache/superset/pull/13868) fix: change status code for generic errors to 400 (#13868) (Hugh A. Miles II)
- [13681](https://github.com/apache/superset/pull/13681) fix: clean up incorrect usage of TypeScript type in PropTypes (#13681) (Jesse Yang)
- [14084](https://github.com/apache/superset/pull/14084) fix: custom TimeRange can not input value (#14084) (Yongjie Zhao)
- [13695](https://github.com/apache/superset/pull/13695) fix: dashboard filter scope bug (#13695) (Grace Guo)
- [13624](https://github.com/apache/superset/pull/13624) fix: data column in SQL lab left panel open by default (#13624) (AAfghahi)
- [13330](https://github.com/apache/superset/pull/13330) fix: date picker support date unit with singular and plural (#13330) (Yongjie Zhao)
- [13603](https://github.com/apache/superset/pull/13603) fix: default when adding tab_state.hide_left_bar (#13603) (Beto Dealmeida)
- [13389](https://github.com/apache/superset/pull/13389) fix: delete dataset columns and metrics on the REST API (#13389) (Daniel Vaz Gaspar)
- [13917](https://github.com/apache/superset/pull/13917) fix: do not run containers as root by default in Helm chart (#13917) (Stanislav Simovski)
- [13926](https://github.com/apache/superset/pull/13926) fix: enable installing docker/requirements-local.txt in docker-compose-non-dev.yml (#13926) (ʈᵃᵢ)
- [13998](https://github.com/apache/superset/pull/13998) fix: execution log crashes for logs with no uuid (#13998) (Jack Fragassi)
- [14081](https://github.com/apache/superset/pull/14081) fix: fix bug when remove chart not removing it's related cross filter data (#14081) (simcha90)
- [13546](https://github.com/apache/superset/pull/13546) fix: fix initial filter loading (#13546) (simcha90)
- [14082](https://github.com/apache/superset/pull/14082) fix: flacky test in test_update_dataset_item_w_override_columns (#14082) (Hugh A. Miles II)
- [14347](https://github.com/apache/superset/pull/14347) fix: flaky test for alerts and reports (#14347) (Daniel Vaz Gaspar)
- [13979](https://github.com/apache/superset/pull/13979) fix: import dataset/dashboard empty keys (#13979) (Beto Dealmeida)
- [14258](https://github.com/apache/superset/pull/14258) fix: incorrect module reference (#14258) (Yongjie Zhao)
- [13737](https://github.com/apache/superset/pull/13737) fix: log exceptions for thumbnail generation as warnings (#13737) (Sam Faber-Manning)
- [14057](https://github.com/apache/superset/pull/14057) fix: logs table - user_id is NULL (#14057) (Hugh A. Miles II)
- [13493](https://github.com/apache/superset/pull/13493) fix: merge 67da9ef1ef9c and 1412ec1e5a7b migrations (#13493) (Hugh A. Miles II)
- [13921](https://github.com/apache/superset/pull/13921) fix: new import/export CLI (#13921) (Beto Dealmeida)
- [13955](https://github.com/apache/superset/pull/13955) fix: null exception from adhoc metric popover (#13955) (Grace Guo)
- [14509](https://github.com/apache/superset/pull/14509) fix: parameterize titles correctly (#14509) (David Aaron Suddjian)
- [14338](https://github.com/apache/superset/pull/14338) fix: pybabel extract fails (#14338) (ume)
- [13780](https://github.com/apache/superset/pull/13780) fix: restart superset container in test script (#13780) (Ben Reinhart)
- [13694](https://github.com/apache/superset/pull/13694) fix: select table overlay (#13694) (AAfghahi)
- [14074](https://github.com/apache/superset/pull/14074) fix: unable to apply logging format (#14074) (Yongjie Zhao)
- [14319](https://github.com/apache/superset/pull/14319) fix: unbreak CI (#14319) (Erik Ritter)
- [13679](https://github.com/apache/superset/pull/13679) fix: use FeatureFlags in superset-ui/core (#13679) (Jesse Yang)
- [14099](https://github.com/apache/superset/pull/14099) fix:fix get permission function (#14099) (simcha90)

**Documentation**
- [13770](https://github.com/apache/superset/pull/13770) docs(contributing): fix backend port (#13770) (Cemre Mengu)
- [13813](https://github.com/apache/superset/pull/13813) docs: Documenting how to debug Flask app (#13813) (cccs-jc)
- [13455](https://github.com/apache/superset/pull/13455) docs: Fix typo in footer (#13455) (Holger Stitz)
- [14304](https://github.com/apache/superset/pull/14304) docs: add publish step (#14304) (ʈᵃᵢ)
- [13611](https://github.com/apache/superset/pull/13611) docs: correct sentence (#13611) (Erfan Mirzapour)
- [13440](https://github.com/apache/superset/pull/13440) docs: deprecate old alerts and dash/charts reports (#13440) (Daniel Vaz Gaspar)
- [14394](https://github.com/apache/superset/pull/14394) docs: improved clickhouse connection details (#14394) (Srini Kadamati)
- [14321](https://github.com/apache/superset/pull/14321) docs: multiple small fixes around databases (#14321) (Srini Kadamati)
- [12932](https://github.com/apache/superset/pull/12932) docs: update helm documentation (#12932) (Anthony Corletti)
- [14027](https://github.com/apache/superset/pull/14027) docs: update outdated country map tools instructions (#14027) (Jesse Yang)
- [13781](https://github.com/apache/superset/pull/13781) docs: update setup instructions (#13781) (Ben Reinhart)

**Other**
- [13759](https://github.com/apache/superset/pull/13759) Add CODEOWNERS (#13759) (Rob DiCiuccio)
- [14238](https://github.com/apache/superset/pull/14238) Add Preset code owners for ephemeral test env workflows (#14238) (Rob DiCiuccio)
- [13553](https://github.com/apache/superset/pull/13553) Add dedicated dir and storybook (#13553) (Geido)
- [13961](https://github.com/apache/superset/pull/13961) Add docs for configuring Docker Compose setup (#13961) (Alex Kreidler)
- [13728](https://github.com/apache/superset/pull/13728) Add extraSecrets config to allow specifying extra secret files (#13728) (Andreas Eberle)
- [14223](https://github.com/apache/superset/pull/14223) Add superset helm repository (#14223) (jawabuu)
- [13778](https://github.com/apache/superset/pull/13778) Add tests (#13778) (Geido)
- [13950](https://github.com/apache/superset/pull/13950) Add tests for FilterBar CascadeFilterControl (#13950) (Geido)
- [13425](https://github.com/apache/superset/pull/13425) Adding v0 import/export fields to dashboard metadata schema (#13425) (michellethomas)
- [13359](https://github.com/apache/superset/pull/13359) Adds tests and storybook to CopyToClipboard component (#13359) (Michael S. Molina)
- [13658](https://github.com/apache/superset/pull/13658) Bump pyyaml to latest (#13658) (Rob DiCiuccio)
- [13854](https://github.com/apache/superset/pull/13854) Displays row limit warning with Alert component (#13854) (Michael S. Molina)
- [14187](https://github.com/apache/superset/pull/14187) Enable the new pivot table (#14187) (Kamil Gabryjelski)
- [13861](https://github.com/apache/superset/pull/13861) Fix broken link (#13861) (Eric Anderson)
- [14039](https://github.com/apache/superset/pull/14039) Fix broken port-forward instructions (#14039) (Caleb Collins-Parks)
- [14243](https://github.com/apache/superset/pull/14243) Fix filter edit popover not opening in DnD mode (#14243) (Kamil Gabryjelski)
- [13608](https://github.com/apache/superset/pull/13608) Fix: Add SASL dependency module (#13608) (Daniel Wood)
- [13505](https://github.com/apache/superset/pull/13505) Fixed KeyError by making kwarg explicit (#13505) (Richard Nordin)
- [13905](https://github.com/apache/superset/pull/13905) Fixing condition around left margin for dashboard layout. Fixes #13863 (13905) (Evan Rusackas)
- [14323](https://github.com/apache/superset/pull/14323) Fixing spelling: `clint` -> `client` (#14323) (Chris Carini)
- [13570](https://github.com/apache/superset/pull/13570) Given port in dockerfile set to same port in config (#13570) (İbrahim Ercan)
- [13273](https://github.com/apache/superset/pull/13273) Improves ButtonGroup tests (#13273) (Michael S. Molina)
- [14046](https://github.com/apache/superset/pull/14046) Make chart exclude itself from cross filtering (#14046) (Kamil Gabryjelski)
- [14287](https://github.com/apache/superset/pull/14287) Make g.user attribute access safe for public users (#14287) (Rob DiCiuccio)
- [13643](https://github.com/apache/superset/pull/13643) Make preliminary suggested changes to CONTRIBUTING.md (#13643) (Kris Stern)
- [13314](https://github.com/apache/superset/pull/13314) Moves AsyncSelect component and tests to own folder (#13314) (Michael S. Molina)
- [13901](https://github.com/apache/superset/pull/13901) Revert "fix: select table overlay (#13694)" (13901) (Erik Ritter)
- [13876](https://github.com/apache/superset/pull/13876) Tests for "CrossFilterScopingModal/utils" (#13876) (Bruno Motta)
- [13991](https://github.com/apache/superset/pull/13991) Tests for ColumnSelect (#13991) (Bruno Motta)
- [13975](https://github.com/apache/superset/pull/13975) Tests for ControlItems (#13975) (Bruno Motta)
- [13872](https://github.com/apache/superset/pull/13872) Tests for DetailsPanel (#13872) (Bruno Motta)
- [14025](https://github.com/apache/superset/pull/14025) Update CONTRIBUTING.md (#14025) (Hugh A. Miles II)
- [13607](https://github.com/apache/superset/pull/13607) Update UPDATING.md (#13607) (Beto Dealmeida)
- [13934](https://github.com/apache/superset/pull/13934) Update docs to use the newer WEBDRIVER_TYPE name (#13934) (Octavian)
- [14219](https://github.com/apache/superset/pull/14219) Update trino connection docs (#14219) (Aakash Nand)
- [14031](https://github.com/apache/superset/pull/14031) Use consistent chart value (#14031) (Tom Vendetta)
- [13323](https://github.com/apache/superset/pull/13323) Use redis:latest in docker-compose workflow (#13323) (Rob DiCiuccio)
- [13730](https://github.com/apache/superset/pull/13730) Use stringData instead of data in Secrets and remove manual base64 encoding (#13730) (Andreas Eberle)
- [13936](https://github.com/apache/superset/pull/13936) Use the right variable for Celery results in Redis (#13936) (Octavian)
- [14252](https://github.com/apache/superset/pull/14252) WIP (#14252) (Beto Dealmeida)
- [14446](https://github.com/apache/superset/pull/14446) add migration (#14446) (Ville Brofeldt)
- [13365](https://github.com/apache/superset/pull/13365) add more documentation around python testing and linting (#13365) (Elizabeth Thompson)
- [13527](https://github.com/apache/superset/pull/13527) build(deps): bump elliptic from 6.5.3 to 6.5.4 in /docs (#13527) (dependabot[bot])
- [12636](https://github.com/apache/superset/pull/12636) build(deps): bump socket.io from 2.3.0 to 2.4.1 in /docs (#12636) (dependabot[bot])
- [13391](https://github.com/apache/superset/pull/13391) build(deps): bump three from 0.68.87 to 0.125.0 in /docs (#13391) (dependabot[bot])
- [13393](https://github.com/apache/superset/pull/13393) build(deps): bump urijs from 1.19.4 to 1.19.6 in /superset-frontend (#13393) (dependabot[bot])
- [13874](https://github.com/apache/superset/pull/13874) build(deps): bump y18n from 4.0.0 to 4.0.1 in /docs (#13874) (dependabot[bot])
- [13886](https://github.com/apache/superset/pull/13886) build(deps): bump y18n from 4.0.0 to 4.0.1 in /superset-frontend (#13886) (dependabot[bot])
- [13452](https://github.com/apache/superset/pull/13452) build(test env): Shutdown test environments on PR close (#13452) (Rob DiCiuccio)
- [13189](https://github.com/apache/superset/pull/13189) build: Ephemeral environments for PRs via slash command (#13189) (Rob DiCiuccio)
- [13498](https://github.com/apache/superset/pull/13498) build: check potential db migration conflict for open PRs (#13498) (Jesse Yang)
- [13375](https://github.com/apache/superset/pull/13375) build: fix codecov informational config (#13375) (Jesse Yang)
- [13421](https://github.com/apache/superset/pull/13421) build: ignore Storybook stories in CodeCov (#13421) (Jesse Yang)
- [13677](https://github.com/apache/superset/pull/13677) build: implement codecov carryforward flags (#13677) (Jack Fragassi)
- [13927](https://github.com/apache/superset/pull/13927) catch collapse onchange (#13927) (Elizabeth Thompson)
- [13757](https://github.com/apache/superset/pull/13757) chore(CI): dont run Hive tests on Py 3.7 (#13757) (Jesse Yang)
- [13784](https://github.com/apache/superset/pull/13784) chore(cypress): Make the e2e tests more behavior-driven (#13784) (David Aaron Suddjian)
- [13939](https://github.com/apache/superset/pull/13939) chore(dashboard): Datasource -> Dataset (#13939) (David Aaron Suddjian)
- [14342](https://github.com/apache/superset/pull/14342) chore(docker-compose): use dev image for docker-compose-non-dev.yml (#14342) (ʈᵃᵢ)
- [14331](https://github.com/apache/superset/pull/14331) chore(docs): remove .py from db migrate -m (#14331) (Amit Miran)
- [13660](https://github.com/apache/superset/pull/13660) chore(explore): added debounce in DateFilter (#13660) (Yongjie Zhao)
- [13593](https://github.com/apache/superset/pull/13593) chore(explore): bump superset-ui 0.17.19 (#13593) (Yongjie Zhao)
- [13767](https://github.com/apache/superset/pull/13767) chore(git): ignore superset/app/ folder (#13767) (Cemre Mengu)
- [13500](https://github.com/apache/superset/pull/13500) chore(homepage): separate out api calls to make homepage load more dynamically (#13500) (Phillip Kelley-Dotson)
- [14228](https://github.com/apache/superset/pull/14228) chore(prophet): bump prophet to 1.0.1 (#14228) (Ville Brofeldt)
- [13306](https://github.com/apache/superset/pull/13306) chore(spa refactor): refactoring dashboard to use api's instead of bootstrapdata (#13306) (Phillip Kelley-Dotson)
- [14013](https://github.com/apache/superset/pull/14013) chore(toggle thumbnails): use localstorage for toggle (#14013) (Phillip Kelley-Dotson)
- [14274](https://github.com/apache/superset/pull/14274) chore: Add Redis password option to helm chart (#14274) (Rob DiCiuccio)
- [13418](https://github.com/apache/superset/pull/13418) chore: Added rockset and firebird (#13418) (Srini Kadamati)
- [13951](https://github.com/apache/superset/pull/13951) chore: Adds dataMask reducer to reducerIndex (#13951) (Michael S. Molina)
- [14203](https://github.com/apache/superset/pull/14203) chore: Bumping lodash version in Superset (#14203) (Evan Rusackas)
- [14196](https://github.com/apache/superset/pull/14196) chore: Code cleanup in DatabaseModal (#14196) (Lyndsi Kay Williams)
- [14164](https://github.com/apache/superset/pull/14164) chore: Configures Jest to ignore storybook files when collecting coverage statistics (#14164) (Michael S. Molina)
- [14339](https://github.com/apache/superset/pull/14339) chore: Improve Japanese translation (#14339) (ume)
- [13722](https://github.com/apache/superset/pull/13722) chore: Improve Korean translation (#13722) (김세환)
- [13376](https://github.com/apache/superset/pull/13376) chore: Improve japannese translation (#13376) (Tetsushi Watanabe)
- [14193](https://github.com/apache/superset/pull/14193) chore: Improves Icons storybook (#14193) (Michael S. Molina)
- [13274](https://github.com/apache/superset/pull/13274) chore: Migrates RefreshChartOverlay into Chart (#13274) (Michael S. Molina)
- [13361](https://github.com/apache/superset/pull/13361) chore: Migrating dashboard/components/menu from jsx to tsx (#13361) (Ayan Ginet)
- [13460](https://github.com/apache/superset/pull/13460) chore: Moves BootstrapSliderWrapper to own folder (#13460) (Michael S. Molina)
- [14139](https://github.com/apache/superset/pull/14139) chore: Moves Card to the components folder (#14139) (Michael S. Molina)
- [13454](https://github.com/apache/superset/pull/13454) chore: Moves ChartIcon to own folder (#13454) (Michael S. Molina)
- [13459](https://github.com/apache/superset/pull/13459) chore: Moves CheckboxIcons to Checkbox folder (#13459) (Michael S. Molina)
- [14124](https://github.com/apache/superset/pull/14124) chore: Moves Collapse to the components folder (#14124) (Michael S. Molina)
- [14125](https://github.com/apache/superset/pull/14125) chore: Moves CronPicker to the components folder (#14125) (Michael S. Molina)
- [14126](https://github.com/apache/superset/pull/14126) chore: Moves Dropdown to the components folder (#14126) (Michael S. Molina)
- [14127](https://github.com/apache/superset/pull/14127) chore: Moves DropdownButton to the components folder (#14127) (Michael S. Molina)
- [13458](https://github.com/apache/superset/pull/13458) chore: Moves Fade component into TableElement (#13458) (Michael S. Molina)
- [13322](https://github.com/apache/superset/pull/13322) chore: Moves FilterableTable test to component folder (#13322) (Michael S. Molina)
- [13485](https://github.com/apache/superset/pull/13485) chore: Moves InfoTooltip component to own folder (#13485) (Michael S. Molina)
- [14128](https://github.com/apache/superset/pull/14128) chore: Moves InfoTooltip to the components folder (#14128) (Michael S. Molina)
- [13324](https://github.com/apache/superset/pull/13324) chore: Moves ListView test to component folder (#13324) (Michael S. Molina)
- [14130](https://github.com/apache/superset/pull/14130) chore: Moves Modal to the components folder (#14130) (Michael S. Molina)
- [13338](https://github.com/apache/superset/pull/13338) chore: Moves OnPasteSelect tests to component's folder (#13338) (Michael S. Molina)
- [14133](https://github.com/apache/superset/pull/14133) chore: Moves Radio to the components folder (#14133) (Michael S. Molina)
- [14135](https://github.com/apache/superset/pull/14135) chore: Moves Switch to the components folder (#14135) (Michael S. Molina)
- [13411](https://github.com/apache/superset/pull/13411) chore: Moves TableSelector tests to component's folder (#13411) (Michael S. Molina)
- [14136](https://github.com/apache/superset/pull/14136) chore: Moves Tabs to the components folder (#14136) (Michael S. Molina)
- [14137](https://github.com/apache/superset/pull/14137) chore: Moves Tooltip to the components folder (#14137) (Michael S. Molina)
- [14123](https://github.com/apache/superset/pull/14123) chore: Moves WarningIconWithTooltip to own folder (#14123) (Michael S. Molina)
- [14200](https://github.com/apache/superset/pull/14200) chore: Moves spec files to the src folder - iteration 1 (#14200) (Michael S. Molina)
- [14201](https://github.com/apache/superset/pull/14201) chore: Moves spec files to the src folder - iteration 2 (#14201) (Michael S. Molina)
- [14202](https://github.com/apache/superset/pull/14202) chore: Moves spec files to the src folder - iteration 3 (#14202) (Michael S. Molina)
- [14166](https://github.com/apache/superset/pull/14166) chore: Moves the branding folder to the assets folder (#14166) (Michael S. Molina)
- [14167](https://github.com/apache/superset/pull/14167) chore: Moves the staticPages folder to the assets folder (#14167) (Michael S. Molina)
- [13462](https://github.com/apache/superset/pull/13462) chore: Removes Popover duplication (#13462) (Michael S. Molina)
- [13477](https://github.com/apache/superset/pull/13477) chore: Removes Select duplication (#13477) (Michael S. Molina)
- [13408](https://github.com/apache/superset/pull/13408) chore: Removes unused Hotkeys component (#13408) (Michael S. Molina)
- [14298](https://github.com/apache/superset/pull/14298) chore: SQLLab row limit warning using Alert component (#14298) (zuzana-vej)
- [13332](https://github.com/apache/superset/pull/13332) chore: Update OAuth2 configuration guide to match with FlaskAppBuilder (#13332) (Liam)
- [13855](https://github.com/apache/superset/pull/13855) chore: Update PR template for SIP-59 DB migrations process (#13855) (Rob DiCiuccio)
- [13738](https://github.com/apache/superset/pull/13738) chore: Update presto.mdx (#13738) (Hugh A. Miles II)
- [14257](https://github.com/apache/superset/pull/14257) chore: WebSocket server improvements (#14257) (Ben Reinhart)
- [14354](https://github.com/apache/superset/pull/14354) chore: add some basic instrumentation to Node WebSocket server (#14354) (Ben Reinhart)
- [13811](https://github.com/apache/superset/pull/13811) chore: add success log whenever a connection is working (#13811) (Hugh A. Miles II)
- [14355](https://github.com/apache/superset/pull/14355) chore: bump 0.17.38 (#14355) (Amit Miran)
- [13953](https://github.com/apache/superset/pull/13953) chore: bump superset-ui/plugin-chart-table to 0.17.28 (#13953) (Jesse Yang)
- [14222](https://github.com/apache/superset/pull/14222) chore: bump package.json (#14222) (Amit Miran)
- [14253](https://github.com/apache/superset/pull/14253) chore: bump superset-ui (#14253) (Erik Ritter)
- [14460](https://github.com/apache/superset/pull/14460) chore: bump table plugin to 0.17.42 (#14460) (Amit Miran)
- [13932](https://github.com/apache/superset/pull/13932) chore: bump to new superset-ui version (#13932) (Amit Miran)
- [13374](https://github.com/apache/superset/pull/13374) chore: convert chartReducer to TypeScript (#13374) (Jesse Yang)
- [13450](https://github.com/apache/superset/pull/13450) chore: disable drag metrics and columns in datasourcePanel (#13450) (Yongjie Zhao)
- [13342](https://github.com/apache/superset/pull/13342) chore: improve modal error handling (#13342) (Lily Kuang)
- [13596](https://github.com/apache/superset/pull/13596) chore: metric refactor iteration 1 (#13596) (Yongjie Zhao)
- [13296](https://github.com/apache/superset/pull/13296) chore: migrating some LESS (#13296) (Evan Rusackas)
- [14169](https://github.com/apache/superset/pull/14169) chore: rename connection errors (#14169) (Beto Dealmeida)
- [13970](https://github.com/apache/superset/pull/13970) chore: starter make file (#13970) (Hugh A. Miles II)
- [14088](https://github.com/apache/superset/pull/14088) chore: stop logging `SupersetExceptions` if status < 500 (#14088) (Hugh A. Miles II)
- [14178](https://github.com/apache/superset/pull/14178) chore: type some SQL Lab components (#14178) (Erik Ritter)
- [14152](https://github.com/apache/superset/pull/14152) chore: update RELEASING readme (#14152) (Lily Kuang)
- [13104](https://github.com/apache/superset/pull/13104) chore: update docs for new alerts and reporting feature (#13104) (leocape)
- [14033](https://github.com/apache/superset/pull/14033) chore: well component to card component(Updating PR #12200) (14033) (Bruno Motta)
- [13518](https://github.com/apache/superset/pull/13518) ci: increase page size of GH PR API call (#13518) (Ville Brofeldt)
- [14350](https://github.com/apache/superset/pull/14350) ci: set remote URL to https and bump sha (#14350) (Daniel Vaz Gaspar)
- [14211](https://github.com/apache/superset/pull/14211) ci: use git submodules for Chart Actions (#14211) (jawabuu)
- [13587](https://github.com/apache/superset/pull/13587) create better link for badge (#13587) (Elizabeth Thompson)
- [13626](https://github.com/apache/superset/pull/13626) dynamic dttm fix for test_convert_dttm (#13626) (Nikola Gigić)
- [14140](https://github.com/apache/superset/pull/14140) horizontal scroll (#14140) (AAfghahi)
- [13367](https://github.com/apache/superset/pull/13367) npm audit security updates (#13367) (Elizabeth Thompson)
- [14443](https://github.com/apache/superset/pull/14443) perf(native-filters): Load native filters after charts (#14443) (simcha90)
- [14408](https://github.com/apache/superset/pull/14408) perf(native-filters): avoid unnecessary reloading of charts (#14408) (simcha90)
- [14035](https://github.com/apache/superset/pull/14035) refactor(addslicecontainer): move slice container panel from bootstrap panel to ant-d (#14035) (Phillip Kelley-Dotson)
- [14366](https://github.com/apache/superset/pull/14366) refactor(db_engine_specs): Removing top-level import of app (#14366) (John Bodley)
- [13221](https://github.com/apache/superset/pull/13221) refactor(explore): convert ControlPanelsContainer to typescript (#13221) (Jesse Yang)
- [13437](https://github.com/apache/superset/pull/13437) refactor(native-filters): Move `filtersState` to `dataMask` redux root (#13437) (simcha90)
- [14441](https://github.com/apache/superset/pull/14441) refactor(native-filters): allow cascading only for filter_select (#14441) (simcha90)
- [13723](https://github.com/apache/superset/pull/13723) refactor(native-filters): refactor filter bar (#13723) (simcha90)
- [13983](https://github.com/apache/superset/pull/13983) refactor(native-filters): update dataMask and ExtraFormData schema (#13983) (simcha90)
- [13137](https://github.com/apache/superset/pull/13137) refactor(self-trigger): Split native filters state (#13137) (simcha90)
- [14090](https://github.com/apache/superset/pull/14090) refactor(userInfo): userinfo panel to styled component (#14090) (Phillip Kelley-Dotson)
- [14100](https://github.com/apache/superset/pull/14100) refactor: Boostrap to AntD - Row/Col (#14100) (Michael S. Molina)
- [14048](https://github.com/apache/superset/pull/14048) refactor: Boostrap to AntD - Tabs (#14048) (Michael S. Molina)
- [14106](https://github.com/apache/superset/pull/14106) refactor: Bootstrap to AntD - Form - iteration 1 (#14106) (Michael S. Molina)
- [13996](https://github.com/apache/superset/pull/13996) refactor: Bootstrap to AntD - ListGroup (#13996) (Michael S. Molina)
- [13989](https://github.com/apache/superset/pull/13989) refactor: Bootstrap to AntD - Slider (#13989) (Michael S. Molina)
- [13218](https://github.com/apache/superset/pull/13218) refactor: Introduce api resource hooks, fetch owners for chart errors (#13218) (David Aaron Suddjian)
- [12229](https://github.com/apache/superset/pull/12229) refactor: New Icon system with Enhanced Antd Custom Icon (#12229) (Geido)
- [13797](https://github.com/apache/superset/pull/13797) refactor: New schedule query button (#13797) (AAfghahi)
- [13102](https://github.com/apache/superset/pull/13102) refactor: Query search into functional component (#13102) (AAfghahi)
- [13785](https://github.com/apache/superset/pull/13785) refactor: Revert "refactor: ScheduleQueryButton into functional component (#134… (13785) (Hugh A. Miles II)
- [13443](https://github.com/apache/superset/pull/13443) refactor: ScheduleQueryButton into functional component (#13443) (AAfghahi)
- [13630](https://github.com/apache/superset/pull/13630) refactor: Share sql lab query (#13630) (AAfghahi)
- [13676](https://github.com/apache/superset/pull/13676) refactor: SouthPane into functional component (#13676) (AAfghahi)
- [13417](https://github.com/apache/superset/pull/13417) refactor: add set data mask to build query (#13417) (simcha90)
- [13401](https://github.com/apache/superset/pull/13401) refactor: convert controlUtils to TypeScript (1 of 2) (#13401) (Jesse Yang)
- [13520](https://github.com/apache/superset/pull/13520) refactor: convert controlUtils to TypeScript (2 of 2) (#13520) (Jesse Yang)
- [13877](https://github.com/apache/superset/pull/13877) refactor: move CTAS/CVAS field II (#13877) (Hugh A. Miles II)
- [14309](https://github.com/apache/superset/pull/14309) refactor: reorganize dateFilterUtils.tx (#14309) (Yongjie Zhao)
- [13174](https://github.com/apache/superset/pull/13174) sql Lab buttons (#13174) (AAfghahi)
- [13537](https://github.com/apache/superset/pull/13537) switch message content between chart and dashboard AlertReportModal (#13537) (Lily Kuang)
- [14371](https://github.com/apache/superset/pull/14371) test(maximize-chart): Add tests to maximize chart action (#14371) (simcha90)
- [14245](https://github.com/apache/superset/pull/14245) test(native-filters): Filter config modal test (#14245) (simcha90)
- [14098](https://github.com/apache/superset/pull/14098) test(native-filters): add integration tests for filter bar (#14098) (simcha90)
- [13973](https://github.com/apache/superset/pull/13973) test: Add tests for Dashboard Header and HeaderActionsDropdown components (#13973) (Geido)
- [13517](https://github.com/apache/superset/pull/13517) test: Adds storybook and tests to AsyncEsmComponent (#13517) (Michael S. Molina)
- [13547](https://github.com/apache/superset/pull/13547) test: Adds storybook and tests to PopoverDropdown component (#13547) (Michael S. Molina)
- [13516](https://github.com/apache/superset/pull/13516) test: Adds storybook to AlteredSliceTag component (#13516) (Michael S. Molina)
- [13406](https://github.com/apache/superset/pull/13406) test: Adds storybook to AnchorLink component (#13406) (Michael S. Molina)
- [13412](https://github.com/apache/superset/pull/13412) test: Adds storybook to ConfirmStatusChange component (#13412) (Michael S. Molina)
- [13482](https://github.com/apache/superset/pull/13482) test: Adds storybook to Dropdown and DropdownButton components (#13482) (Michael S. Molina)
- [13362](https://github.com/apache/superset/pull/13362) test: Adds storybook to EditableTitle component (#13362) (Michael S. Molina)
- [13407](https://github.com/apache/superset/pull/13407) test: Adds storybook to FormRow component (#13407) (Michael S. Molina)
- [13415](https://github.com/apache/superset/pull/13415) test: Adds storybook to IconTooltip component (#13415) (Michael S. Molina)
- [13410](https://github.com/apache/superset/pull/13410) test: Adds storybook to SearchInput component (#13410) (Michael S. Molina)
- [13479](https://github.com/apache/superset/pull/13479) test: Adds storybook to Switch component (#13479) (Michael S. Molina)
- [13343](https://github.com/apache/superset/pull/13343) test: Adds storybook to Timer component (#13343) (Michael S. Molina)
- [13457](https://github.com/apache/superset/pull/13457) test: Adds tests and storybook to CertifiedIcon component (#13457) (Michael S. Molina)
- [13438](https://github.com/apache/superset/pull/13438) test: Adds tests and storybook to PopoverSection component (#13438) (Michael S. Molina)
- [13409](https://github.com/apache/superset/pull/13409) test: Adds tests and storybook to RefreshLabel (#13409) (Michael S. Molina)
- [13705](https://github.com/apache/superset/pull/13705) test: Adds tests for the FixedOrMetricControl component (#13705) (Michael S. Molina)
- [13299](https://github.com/apache/superset/pull/13299) test: Adds tests to TableLoader component (#13299) (Michael S. Molina)
- [13319](https://github.com/apache/superset/pull/13319) test: Adds tests to URLShortLinkButton component (#13319) (Michael S. Molina)
- [13650](https://github.com/apache/superset/pull/13650) test: Adds tests to dnd controls (#13650) (Michael S. Molina)
- [13664](https://github.com/apache/superset/pull/13664) test: Adds tests to the AdvancedFrame component (#13664) (Michael S. Molina)
- [13748](https://github.com/apache/superset/pull/13748) test: Adds tests to the AnnotationLayer component (#13748) (Michael S. Molina)
- [13933](https://github.com/apache/superset/pull/13933) test: Adds tests to the CssEditor component (#13933) (Michael S. Molina)
- [13675](https://github.com/apache/superset/pull/13675) test: Adds tests to the CustomFrame component (#13675) (Michael S. Molina)
- [13729](https://github.com/apache/superset/pull/13729) test: Adds tests to the OptionControls component (#13729) (Michael S. Molina)
- [13892](https://github.com/apache/superset/pull/13892) test: Adds tests to the PublishedStatus component (#13892) (Michael S. Molina)
- [13712](https://github.com/apache/superset/pull/13712) test: Adds tests to the TimeSeriesColumnControl component (#13712) (Michael S. Molina)
- [13919](https://github.com/apache/superset/pull/13919) test: Adds tests to the UndoRedoKeyListeners component (#13919) (Michael S. Molina)
- [13887](https://github.com/apache/superset/pull/13887) test: Adds tests to the filter scope components (#13887) (Michael S. Molina)
- [13787](https://github.com/apache/superset/pull/13787) test: AdhocMetricEditPopover (#13787) (Bruno Motta)
- [13318](https://github.com/apache/superset/pull/13318) test: CacheLabel (#13318) (Bruno Motta)
- [13656](https://github.com/apache/superset/pull/13656) test: CollectionControl (#13656) (Bruno Motta)
- [13549](https://github.com/apache/superset/pull/13549) test: CronPicker (#13549) (Bruno Motta)
- [13875](https://github.com/apache/superset/pull/13875) test: CrossFilterScopingForm (#13875) (Bruno Motta)
- [13668](https://github.com/apache/superset/pull/13668) test: DataTableControl (#13668) (Bruno Motta)
- [13736](https://github.com/apache/superset/pull/13736) test: DataTablesPane (#13736) (Bruno Motta)
- [13581](https://github.com/apache/superset/pull/13581) test: DatabaseSelector (#13581) (Bruno Motta)
- [13605](https://github.com/apache/superset/pull/13605) test: DatasourceControl (#13605) (Bruno Motta)
- [13627](https://github.com/apache/superset/pull/13627) test: DatasourcePanelDragWrapper (#13627) (Bruno Motta)
- [13750](https://github.com/apache/superset/pull/13750) test: DisplayQueryButton (#13750) (Bruno Motta)
- [13745](https://github.com/apache/superset/pull/13745) test: Enhance tests and directory structure for FilterControl components (#13745) (Geido)
- [13276](https://github.com/apache/superset/pull/13276) test: ErrorBoundary dedicated directory and tests (#13276) (Geido)
- [13358](https://github.com/apache/superset/pull/13358) test: ErrorMessage components tests (#13358) (Geido)
- [13753](https://github.com/apache/superset/pull/13753) test: FilterBoxItemControl (#13753) (Bruno Motta)
- [14028](https://github.com/apache/superset/pull/14028) test: FilterSets-utils (#14028) (Bruno Motta)
- [13548](https://github.com/apache/superset/pull/13548) test: Fixes PropertiesModal_spec (#13548) (Michael S. Molina)
- [13270](https://github.com/apache/superset/pull/13270) test: FormLabel dedicated directory and tests (#13270) (Geido)
- [13302](https://github.com/apache/superset/pull/13302) test: Menu component tests (#13302) (Geido)
- [13277](https://github.com/apache/superset/pull/13277) test: Pagination component (#13277) (Bruno Motta)
- [13818](https://github.com/apache/superset/pull/13818) test: PropertiesModal (#13818) (Bruno Motta)
- [13931](https://github.com/apache/superset/pull/13931) test: PropertiesModal (Dashboard) (#13931) (Bruno Motta)
- [13799](https://github.com/apache/superset/pull/13799) test: Refactor and enhance tests for the Explore DatasourcePanel Component (#13799) (Geido)
- [13638](https://github.com/apache/superset/pull/13638) test: SelectAsyncControl (#13638) (Bruno Motta)
- [13860](https://github.com/apache/superset/pull/13860) test: ShareMenuItems (#13860) (Bruno Motta)
- [13888](https://github.com/apache/superset/pull/13888) test: SliceHeader (#13888) (Bruno Motta)
- [13895](https://github.com/apache/superset/pull/13895) test: SliceHeaderControls (#13895) (Bruno Motta)
- [13937](https://github.com/apache/superset/pull/13937) test: Tab (#13937) (Bruno Motta)
- [13583](https://github.com/apache/superset/pull/13583) test: TableCollection (#13583) (Bruno Motta)
- [13941](https://github.com/apache/superset/pull/13941) test: Tabs (#13941) (Bruno Motta)
- [13502](https://github.com/apache/superset/pull/13502) test: Tests and Storybook entry for the IndeterminateCheckbox Component (#13502) (Geido)
- [13501](https://github.com/apache/superset/pull/13501) test: Tests and Storybook entry for the TableView Component (#13501) (Geido)
- [13508](https://github.com/apache/superset/pull/13508) test: Tests and dedicated directory for the SupersetResourceSelect Component (#13508) (Geido)
- [13916](https://github.com/apache/superset/pull/13916) test: Tests audit for the Dashboard FilterBar (#13916) (Geido)
- [13286](https://github.com/apache/superset/pull/13286) test: Tests for DeleteModal component (#13286) (Bruno Motta)
- [13305](https://github.com/apache/superset/pull/13305) test: Tests for OmniContainer (#13305) (Bruno Motta)
- [13513](https://github.com/apache/superset/pull/13513) test: Tests, dedicated directory and Storybook for the Badge component (#13513) (Geido)
- [13534](https://github.com/apache/superset/pull/13534) test: Tests, dedicated directory and Storybook for the ProgressBar component (#13534) (Geido)
- [13751](https://github.com/apache/superset/pull/13751) test: changing logger.exception to logger.errors in databases api (#13751) (AAfghahi)
- [13719](https://github.com/apache/superset/pull/13719) test: exploreUtils (#13719) (Bruno Motta)
- [13329](https://github.com/apache/superset/pull/13329) test: optimize codecov config (#13329) (Jesse Yang)
- [13984](https://github.com/apache/superset/pull/13984) test: prevent flaky frontend unit test case (#13984) (Yongjie Zhao)
- [13320](https://github.com/apache/superset/pull/13320) test: tests for component FaveStar (#13320) (Bruno Motta)
- [13555](https://github.com/apache/superset/pull/13555) test: useChangeEffect (#13555) (Bruno Motta)
- [13554](https://github.com/apache/superset/pull/13554) test: usePrevious hook (#13554) (Bruno Motta)
- [13873](https://github.com/apache/superset/pull/13873) tests for FilterIndicator (#13873) (Bruno Motta)
- [13896](https://github.com/apache/superset/pull/13896) tests for function handleScroll (#13896) (Bruno Motta)
- [14363](https://github.com/apache/superset/pull/14363) update default cron settings for new alerts and reports (#14363) (Sam Faber-Manning)
- [13463](https://github.com/apache/superset/pull/13463) update test (#13463) (Lily Kuang)
- [13897](https://github.com/apache/superset/pull/13897) updates load_examples to load-examples (#13897) (Alex Simoes)
- [14009](https://github.com/apache/superset/pull/14009) use dynamic time_grains for schema (#14009) (Elizabeth Thompson)
- [13424](https://github.com/apache/superset/pull/13424) use semver for badge sort (#13424) (Elizabeth Thompson)

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

HIGH 7.5

CVSS v3 Details

HIGH 7.5

Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality Impact (C): NONE
Integrity Impact (I): NONE
Availability Availability (A): HIGH

CVSS v2 Details

MEDIUM 5.0

Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (Au): NONE
Confidentiality Impact (C): NONE
Integrity Impact (I): NONE
Availability Impact (A): PARTIAL