The GitHub Actions job "Tests AMD" on airflow.git/v3-0-test has succeeded. Run started by GitHub user potiuk (triggered by potiuk).
Head commit for run: 30f51d3969f60854dcd07bd50e7d7753a0bf1d37 / github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> [v3-0-test] Clarify our security model for sensitive connection information (#54088) (#54100) The #53973 introduced a change in the model of handling of the sensitive connection data in the Airlfow UI. Previoiusly our agreed model included capability of reading sensitive data bu the users who have Connection Configuraiton role. However in 3.0.4 we changeed the model so that those users have "write-only" access - they can write the sensitive data, but they cannot read the data via API or the UI once it is written. WHile not a security vulnerability on it's own, it's a security improvement that allows to mitigate some scenarios, especially when connection editing user credentials are stolen. This PR clarifies the model and properly communicates it to the users clearly indicating the difference implemented in 3.0.4 and the model of our security and clearly explaining that before 3.0.4 that was a delibearate choice of the model that the connection editing users had access to the sensitive data. (cherry picked from commit f5a88d97eb791194a5bad66a1c5021abdd1fb775) Co-authored-by: Jarek Potiuk <[email protected]> Report URL: https://github.com/apache/airflow/actions/runs/16729795086 With regards, GitHub Actions via GitBox --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
