docs: Superset 6.1 documentation catch-up (security, alerts/reports, theming, config)#39440
docs: Superset 6.1 documentation catch-up (security, alerts/reports, theming, config)#39440
Conversation
…d config - security.mdx: document API key authentication (PR #37973) — creation via Security → API Keys, Bearer token usage, use cases, and security caution - alerts-reports.mdx: document webhook notifications (PR #36127) — enable via ALERT_REPORT_WEBHOOK feature flag, JSON payload format, multipart attachments, HTTPS enforcement, and retry behavior - theming.mdx: update default fonts note (IBM Plex Mono replaces Fira Code as default monospace in 6.1); add Theme Validation and Fallback section explaining the three-level fallback order and warning log behavior - configuring-superset.mdx: document HASH_ALGORITHM config key (md5/sha256 for FedRAMP compliance) and SQLLAB_HISTORY_RETENTION_DAYS (default 30 days, None to disable pruning) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
✅ Deploy Preview for superset-docs-preview ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
![bito-code-review[bot]](https://avatars.githubusercontent.com/in/1061978?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review Agent Run #dabb50
Actionable Suggestions - 3
-
docs/admin_docs/configuration/configuring-superset.mdx - 3
- Incorrect config default · Line 454-454
- Missing config implementation · Line 463-468
- Misleading pruning description · Line 471-471
Review Details
-
Files reviewed - 4 · Commit Range:
90b82f5..90b82f5- docs/admin_docs/configuration/alerts-reports.mdx
- docs/admin_docs/configuration/configuring-superset.mdx
- docs/admin_docs/configuration/theming.mdx
- docs/admin_docs/security/security.mdx
-
Files skipped - 0
-
Tools
- Whispers (Secret Scanner) - ✔︎ Successful
- Detect-secrets (Secret Scanner) - ✔︎ Successful
Bito Usage Guide
Commands
Type the following command in the pull request comment and save the comment.
-
/review- Manually triggers a full AI review. -
/pause- Pauses automatic reviews on this pull request. -
/resume- Resumes automatic reviews. -
/resolve- Marks all Bito-posted review comments as resolved. -
/abort- Cancels all in-progress reviews.
Refer to the documentation for additional commands.
Configuration
This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.
Documentation & Help
AI Code Review powered by
| Controls the hashing algorithm used for internal checksums and cache keys. The default is `md5` for performance, but `sha256` is available for environments with stricter compliance requirements (e.g., FedRAMP): | ||
|
|
||
| ```python | ||
| HASH_ALGORITHM = "sha256" # default: "md5" |
There was a problem hiding this comment.
The documentation states the default HASH_ALGORITHM is "md5", but the code in superset/config.py sets it to "sha256". Update the comment to match the implementation.
Code Review Run #dabb50
Should Bito avoid suggestions like this for future reviews? (Manage Rules)
- Yes, avoid them
| ### SQLLAB_HISTORY_RETENTION_DAYS | ||
|
|
||
| Controls how long SQL Lab query history is retained in the metadata database. The default is 30 days: | ||
|
|
||
| ```python | ||
| SQLLAB_HISTORY_RETENTION_DAYS = 30 # set to None to retain history indefinitely |
There was a problem hiding this comment.
The SQLLAB_HISTORY_RETENTION_DAYS config is documented but not implemented in the codebase. The prune_query celery task exists but uses a hardcoded retention_period_days parameter, and the config is not defined.
Code Review Run #dabb50
Should Bito avoid suggestions like this for future reviews? (Manage Rules)
- Yes, avoid them
| SQLLAB_HISTORY_RETENTION_DAYS = 30 # set to None to retain history indefinitely | ||
| ``` | ||
|
|
||
| Old queries are pruned by the `celery beat` scheduler. Set to `None` to disable automatic cleanup, though this may cause the metadata database to grow unbounded over time. |
There was a problem hiding this comment.
The documentation states that old queries are pruned by celery beat, but the prune_query task is commented out in the default CELERY_BEAT_SCHEDULE. Users may expect automatic cleanup without enabling it.
Code Review Run #dabb50
Should Bito avoid suggestions like this for future reviews? (Manage Rules)
- Yes, avoid them
1 participant
SUMMARY
Documentation updates for features shipped in Superset 6.1 that weren't covered in the initial 6.0 docs release:
API Key Authentication (
security.mdx) — documents the new long-lived API keys UI (Security → API Keys), how to create/revoke keys, how to pass them as Bearer tokens, and recommended use cases (CI/CD, MCP integrations, service accounts). Covers PR feat(api-keys): add API key authentication via FAB SecurityManager #37973.Webhook Notifications (
alerts-reports.mdx) — documents theALERT_REPORT_WEBHOOKfeature flag, how to configure a webhook recipient in the alert/report UI, the exact JSON payload structure, multipart file attachments,ALERT_REPORTS_WEBHOOK_HTTPS_ONLYenforcement, and retry behavior. Covers PR feat(reports): add webhook option for notifications #36127.Default Fonts & Theme Validation (
theming.mdx) — updates the Default Fonts section to reflect IBM Plex Mono replacing Fira Code as the default code font in 6.1, with a migration note for users with existingfontFamilyCodeoverrides. Also adds a Theme Validation and Fallback section explaining the three-level fallback order and server log warnings on invalid theme JSON.Config Keys (
configuring-superset.mdx) — documents two new config keys:HASH_ALGORITHM— switch betweenmd5(default) andsha256for FedRAMP-compliant environmentsSQLLAB_HISTORY_RETENTION_DAYS— controls query history retention (default 30 days,Noneto disable pruning)BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
N/A — documentation-only changes.
TESTING INSTRUCTIONS
cd docs && npm startto render locally and verify MDX formattingADDITIONAL INFORMATION
Part of the 6.1 documentation catch-up series alongside #39422 (MCP server docs).