fix: bump to FAB 4.3.9 remove CSP exception (apache#25712)

10webio · Oct 20, 2023 · 8fb0c8d · 8fb0c8d
1 parent 75a7431
commit 8fb0c8d
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 4 deletions.
diff --git a/requirements/base.txt b/requirements/base.txt
@@ -96,7 +96,7 @@ flask==2.2.5
     #   flask-migrate
     #   flask-sqlalchemy
     #   flask-wtf
-flask-appbuilder==4.3.7
+flask-appbuilder==4.3.9
     # via apache-superset
 flask-babel==1.0.0
     # via flask-appbuilder

diff --git a/setup.py b/setup.py
@@ -84,7 +84,7 @@ def get_git_sha() -> str:
         "cryptography>=41.0.2, <41.1.0",
         "deprecation>=2.1.0, <2.2.0",
         "flask>=2.2.5, <3.0.0",
-        "flask-appbuilder>=4.3.7, <5.0.0",
+        "flask-appbuilder>=4.3.9, <5.0.0",
         "flask-caching>=1.11.1, <2.0",
         "flask-compress>=1.13, <2.0",
         "flask-talisman>=1.0.0, <2.0",

diff --git a/superset/config.py b/superset/config.py
@@ -1437,7 +1437,6 @@ def EMAIL_HEADER_MUTATOR(  # pylint: disable=invalid-name,unused-argument
         "style-src": [
             "'self'",
             "'unsafe-inline'",
-            "https://cdn.jsdelivr.net/npm/swagger-ui-dist@5/swagger-ui.css",
         ],
         "script-src": ["'self'", "'strict-dynamic'"],
     },
@@ -1459,7 +1458,6 @@ def EMAIL_HEADER_MUTATOR(  # pylint: disable=invalid-name,unused-argument
         "style-src": [
             "'self'",
             "'unsafe-inline'",
-            "https://cdn.jsdelivr.net/npm/swagger-ui-dist@5/swagger-ui.css",
         ],
         "script-src": ["'self'", "'unsafe-inline'", "'unsafe-eval'"],
     },