potiuk opened a new pull request, #69730: URL: https://github.com/apache/airflow/pull/69730
Bumps the vendored Flask-AppBuilder dependency in the FAB provider from 5.2.1 to 5.2.2. FAB 5.2.2 hardens the security manager (LDAP search-filter escaping, OAuth email-allowlist regex anchoring, API-login provider validation). Airflow's vendored security manager already escapes LDAP filters (and validates the search filter), and it inherits the OAuth allowlist matching from FAB's OAuth view via `super().oauth_authorized()`, so `override.py` needs no change; `test_fab_alignment.py` confirms the vendored code stays structurally in sync with 5.2.2. --- ##### Was generative AI tooling used to co-author this PR? - [X] Yes — Claude Code (Opus 4.8) Generated-by: Claude Code (Opus 4.8) following [the guidelines](https://github.com/apache/airflow/blob/main/contributing-docs/05_pull_requests.rst#gen-ai-assisted-contributions) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
