+1 (non-binding) for deprecating the endpoint since it is prone to security issues. I have also reviewed the PR.
Also looking forward to the contributions/proposals on the alternative endpoints to support secure authentication mechanisms. - Ajantha On Tue, Jul 9, 2024 at 7:26 AM Jack Ye <yezhao...@gmail.com> wrote: > +1 (binding) > > There are some wording aspects that others still have comments in the PR, > but in general, +1 for deprecating the endpoint. > > Best, > Jack Ye > > On Mon, Jul 8, 2024 at 9:22 AM Robert Stupp <sn...@snazy.de> wrote: > >> +1 >> >> On 08.07.24 18:15, Robert Stupp wrote: >> > Hi Everyone, >> > >> > I propose that we merge PR to "Deprecate oauth/tokens endpoint". >> > >> > The background and overall plan is discussed on this mailing list [2] >> > and this google doc [3]. >> > >> > Please vote in the next 72 hours. >> > >> > Robert >> > >> > >> > >> > [1] https://github.com/apache/iceberg/pull/10603 >> > >> > [2] https://lists.apache.org/thread/twk84xx7v0xy5q5tfd9x5torgr82vv50 >> > and https://lists.apache.org/thread/wcm9ylm0nbwfrx65n8b1tpjrdhgvcx24 >> > and https://lists.apache.org/thread/qksh9j9d8h6nt6qrfl47bj76jthddb0p >> > >> > [3] >> > >> https://docs.google.com/document/d/1Xi5MRk8WdBWFC3N_eSmVcrLhk3yu5nJ9x_wC0ec6kVQ >> > >> -- >> Robert Stupp >> @snazy >> >>
