The GitHub Actions job "Tests (AMD)" on airflow.git/v3-2-test has failed.
Run started by GitHub user pierrejeambrun (triggered by pierrejeambrun).

Head commit for run:
b14148f41e8c921cf4388b5fbdc02e661e5f400e / github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
[v3-2-test] Filter scheduling-dependencies graph edges by readable-DAG access (#67627) (#67907)

The UI scheduling-dependencies graph route
(`GET /ui/dependencies?dependency_type=scheduling`) was filtering only the
top-level DAG keys in `get_scheduling_dependencies()` by the caller's
readable-DAG set. For each dependency object under a readable top-level DAG,
the route still emitted the dependency node (whose `node_id` embeds both source
and target DAG ids — e.g.
`trigger:external_trigger_dag_id:downstream:trigger_dag_run_operator`), the
inbound edge from `dep.source` to `dep.node_id` when `dep.source` is a DAG id,
and the outbound edge from `dep.node_id` to `dep.target` when `dep.target` is a
DAG id.

A caller with read access to one DAG would therefore see identifiers and edge 
metadata for other DAGs they cannot read whenever the readable DAG referenced 
those DAGs via trigger/sensor dependencies.

This change extends the readable-DAG filter inside the dependency loop: when 
either `dep.source` or `dep.target` is a bare DAG id outside the caller's 
readable set, the dependency node and both its edges are skipped entirely. 
Asset-prefixed identifiers (`asset:<id>`) are unaffected by the new check.

Reference: airflow-s/airflow-s#441
(cherry picked from commit e61c9bac30a7b1a7f68589629f10c4cb247c683e)


Generated-by: Claude Opus 4.7 (1M context) following the guidelines at 
https://github.com/apache/airflow/blob/main/contributing-docs/05_pull_requests.rst#gen-ai-assisted-contributions

Co-authored-by: Jarek Potiuk <[email protected]>

Report URL: https://github.com/apache/airflow/actions/runs/26889226071

With regards,
GitHub Actions via GitBox


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
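
The filter described in the commit message above, as an added Python example that is not Airflow's code and not part of the original notification. The `Dep` class, `build_graph`, `leaked_ids`, the rule that a bare DAG id contains no `:`, and the sample DAG names are all assumptions made for illustration; only the field names `source`, `target` and `node_id` come from the message.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Dep:
    # Hypothetical container; field names follow the commit message.
    source: str
    target: str
    node_id: str

def is_dag_id(ident: str) -> bool:
    # Assumption: prefixed identifiers such as "asset:<id>" are not DAG ids.
    return ":" not in ident

def build_graph(deps_by_dag, readable, filter_deps=True):
    """Return (nodes, edges) for a caller whose readable DAG ids are `readable`.

    filter_deps=False models the behaviour before the change (top-level
    filter only); filter_deps=True adds the per-dependency check.
    """
    nodes, edges = set(), set()
    for dag_id, deps in deps_by_dag.items():
        if dag_id not in readable:  # top-level filter, present in both modes
            continue
        nodes.add(dag_id)
        for dep in deps:
            endpoints = (dep.source, dep.target)
            if filter_deps and any(is_dag_id(e) and e not in readable for e in endpoints):
                continue  # drop the dependency node and both of its edges
            nodes.add(dep.node_id)
            if is_dag_id(dep.source):
                edges.add((dep.source, dep.node_id))
            if is_dag_id(dep.target):
                edges.add((dep.node_id, dep.target))
    return nodes, edges

def leaked_ids(nodes, edges, hidden_dag):
    """Every string in the response that mentions a DAG the caller cannot read."""
    flat = set(nodes) | {end for edge in edges for end in edge}
    return {s for s in flat if hidden_dag in s}

# Constructed sample: "reporting" is readable and triggers "payroll_secret", which is not.
DEPS = {
    "reporting": [
        Dep("reporting", "payroll_secret", "trigger:payroll_secret:reporting:trigger_task"),
        Dep("reporting", "asset:7", "asset:7"),
    ],
    "payroll_secret": [],
}
READABLE = {"reporting"}
```

A regression test for this kind of fix should assert on the whole response body, node ids included, because the unreadable DAG id appears inside `node_id` as well as at the edge endpoints.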
