Open
Conversation
Closes DEV-1413 Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* Convert ViewSidebar to TypeScript Closes DEV-1415 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Closes DEV-1410 Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
causes module config tests to fail
* Add auto-detection of changed Loki stories for stress testing Enable the Loki stress test workflow to automatically trigger on PRs that modify .stories.tsx files and detect which stories to test based on git diff. Manual workflow_dispatch still works with optional filter override. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Update Claude instructions * Some DashboardSubscription type usage refactoring * Migrate SendTestPulse to TS. Introduce DashboardSubscriptionData. Related refactoring * Migrate ArchivePulseModal to TS * Migrate UnsubscribePulseModal to TS * Migrate ArchiveModal and test * Migrate to TS: UnsubscribeModal. Related refactoring * Migrate to TS: Notifications actions and routes * Migrate to TS: ModalRoute refinement * Fix eslint * Adjust types of ModalRoutecomponents * Fixes following bot code review * Some more type refinement * Address PR comments * More fixes/refactoring * Update route files. Convert to components * Rename ArchiveNotificationModal to avoid confusion with collections. Fix export * Fix more exports. Remove type casting. Add Response type guard * Refactor routes back to getter functions * Add early return for modals rendering. Add isObject in type-guard * Refine Response type-guard
…#69265) * fixed bugged scrolling in embedded metabot * focus * . * e2e test
…ld one (#69292) * export `InteractiveQuestion.NavigationBackButton` and deprecate `InteractiveQuestion.BackButton` * jsdoc * more jsdoc * add test
* wip * Revert "wip" This reverts commit a4dbdef. * cleanup * fix bug when clicking on breadcrumbs * clean up old type * Update frontend/src/embedding-sdk-bundle/components/private/SdkInternalNavigation/SdkInternalNavigationProvider.tsx Co-authored-by: Phoomparin Mano <poom@metabase.com> * jsdoc for virtual --------- Co-authored-by: Phoomparin Mano <poom@metabase.com>
The workflow was using `github.sha` (the merge commit SHA) when fetching artifacts, but the uberjar workflow uploads artifacts using the PR head commit SHA (`github.event.pull_request.head.sha`). This mismatch caused the containerize workflow to fail with "artifact not found" errors. Added `github.event.pull_request.head.sha` to the fallback chain in three places: the artifact fetch commit, the GIT_COMMIT_SHA build arg, and the Trivy scanner checkout ref. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
…#67665) Fixes #67075. `:starts-with`, `:contains` and `:ends-with`, which use SQL `LIKE` clauses on SQL databases, were previously using the literal string from the user directly, without escaping the `LIKE` metacharacters `%`, `_` and backslash. This change adds a new `sql.qp` multimethod to the driver API, with a basic implementation that uses backslashes and works for Postgres, MySQL/Maria and H2. SQL Server supports escaping via regex-style `[%]` character classes. Oracle and SQLite need an explicitly set `LIKE '...' ESCAPE '\'` clause. I'm leaving that for a future PR since it requires refactoring how the `LIKE` clauses are constructed more deeply. Updates the driver changelog, though fortunately the default case should work for most drivers. Not to be backported, because of the driver API change.
* Update generated docs (master) * Apply suggestion from @jeff-bruemmer --------- Co-authored-by: github-actions <github-actions@github.com> Co-authored-by: Jeff Bruemmer <jeff.bruemmer@gmail.com>
* Use bun in package.json * Update workflows * Update more workflows * Kick ci * Fix yaml * Fix type errors * Compat with snyk * Fix jest resolutions * Add another esm package * Fix aliases and next js missing deps * Update next js embed tests * Try fix embed test config * Fix * Fix requires in e2e support * Use bun not yarn in embed bin * Revert config changes * Use bun in more scripts and use prepare-release action * Replace more yarn usages * Remove overrides from bunfig move to package json * Revert e2e support changes * Add back comment * [ci skip] comment typo * Update bun lock * Update to reference bun * Update to reference bun * Update license disclaimer * Tidy tests * Update to use bun in workflows * Change aliases * Update codemirrort selector * Tidy license generation * Remove .only * Fix yarn references * Checkout .github for release scripts * Update lockfile * Re-add package * update release bunlock * fix checkout check --------- Co-authored-by: Ryan Laurie <iethree@gmail.com>
* embedded alerts * Apply suggestion from @jeff-bruemmer
* ease how we generate nano-ids Fixes #68130 nano-ids are not needed to be secure, they just need to be distinct. They hide no secrets but assign identity. In #66413 we replaced our usage of https://github.com/zelark/nano-id with encore. These are almost the same except that encore uses `secure?` to be true by default. In practice this is: ```clojure (if secure? (com.taoensso.encore.Ids/genNanoId (.get com.taoensso.encore.Ids/SRNG_STRONG) len) (com.taoensso.encore.Ids/genNanoId len)) ``` And that `com.taoensso.encore.Ids/SRNG_STRONG` is ```java public static final ThreadLocal<SecureRandom> SRNG = ThreadLocal.withInitial(SecureRandom::new); public static final ThreadLocal<SecureRandom> SRNG_STRONG = ThreadLocal.withInitial(() -> { try { return SecureRandom.getInstanceStrong(); } catch (java.security.NoSuchAlgorithmException e) { throw new RuntimeException("Failed to initialize strong SecureRandom", e); }}); ``` the implmentation in the old library was ```clojure (defonce *secure-random (delay (SecureRandom.))) ``` So passing `false` for the encore version of the nanoid restores the previous behavior. CALLOUT: One thing to call out is that this did slightly change how we generate nano-ids based on a seed. We used this behavior to backfill nano-ids. That let us try to ensure that the same thing in multiple systems would have the same nano-id, thus identifying them across systems. We are now generating different nanoids for the same inputs. ```clojure ❯ java -cp $JARS/1.45.4.jar clojure.main Clojure 1.11.1 user=> (doto 'metabase.util require in-ns) metabase.util metabase.util=> (generate-nano-id "cafebabe") "VlXdQMzunVywNw_SArkKX" metabase.util=> ``` This is a consistent nanoid all the way up to 57: ```clojure ❯ java -cp $JARS/1.57.10.jar clojure.main Clojure 1.12.2 user=> (doto 'metabase.util require in-ns) metabase.util metabase.util=> (generate-nano-id "cafebabe") "VlXdQMzunVywNw_SArkKX" metabase.util=> ``` And now is different in 58: ```clojure ❯ java -cp $JARS/1.58.3.jar clojure.main Clojure 1.12.3 user=> (doto 'metabase.util require in-ns) metabase.util metabase.util=> (generate-nano-id "cafebabe") "xNzFsobWPxaYpY0ucTMmz" ``` This is not a problem because we backfilled these nanoids in ~41 or so and no longer allow anyone to save a model without one. But is worth a callout that 58 changed this. * fix drivers team attribution (#69323) causes module config tests to fail
Better display for transform sync changes where we treat toggling the `remote-sync-transforms` as though we are toggling the `is_remote_synced` setting on Root transforms collection. This then creates a 'collection' typed remote sync object entry for the Root collection and uses that to drive dirty state display (or non-display) on the frontend. This object also drives how items are deleted from the sync so when this 'collection' is in a deleted state it removes all transforms related content from the sync but preserves it locally.
two changes:
- chris changed a file in a workspaces test file and no backend tests
ran at all:
```
=== Module Analysis ===
Changed modules: #{}
Driver module affected: false
Important file changed: false
Drivers with file changes: #{}
=== Driver Decisions ===
h2 RUN - H2/Postgres always run
athena SKIP - no relevant changes for cloud driver
bigquery SKIP - no relevant changes for cloud driver
clickhouse SKIP - driver module not affected
databricks SKIP - no relevant changes for cloud driver
druid SKIP - driver module not affected
druid-jdbc SKIP - driver module not affected
mongo SKIP - driver module not affected
mongo-ssl SKIP - driver module not affected
mongo-sharded-cluster SKIP - driver module not affected
mysql-mariadb SKIP - driver module not affected
oracle SKIP - driver module not affected
postgres RUN - H2/Postgres always run
presto-jdbc SKIP - driver module not affected
redshift SKIP - no relevant changes for cloud driver
snowflake SKIP - no relevant changes for cloud driver
sparksql SKIP - driver module not affected
sqlite SKIP - driver module not affected
sqlserver SKIP - driver module not affected
vertica SKIP - driver module not affected
```
So we want the workspace module to be marked dirty by this change. It's
currently filtered out by `remove-non-driver-test-namespaces`.
But a follow-on: workspaces run against different dbs and we therefore
want to ensure this not only triggers driver tests, but also cloud db
tests. So a few tests change to ensure this happens, consequent of
adding `enterprise/workspaces` to `modules-triggering-cloud-drivers`.
Fix typo in transforms-enabled setting description
* Fix downloading currency values in narrowSymbol format (#69779) * Add tests for narrowSymbol currency style in downloads --------- Co-authored-by: Will Bryant <will.bryant@gmail.com>
We want to support transforms with template tags, as long as those tags aren't required or have default values. However, if we do that, the backend should actually verify that we do in fact have values for all relevant template tags. This pr adds basic validation logic to transform creation and update routes -- essentially, we just run qp.preprocess/preprocess and see if we get an error.
* Remove dead code for actions * Disable HTTP action type at API level * clarify thrown exceptions * Remove HTTP action tests HTTP actions are now blocked at the API level; these tests cover functionality that's no longer accessible. * Remove remaining HTTP action references from api_test The previous commit missed several HTTP action usages: - all-actions-default helper function - list-actions-test action-1 binding - action-parameters-test (now uses query action)
Prints the mage command and args before execution so we can quickly see what labels/flags were passed when debugging CI driver issues. Closes: DEV-1577
…69581) * Fix step numbering + add details on how to confirm if using H2 * fix anchor links
When an artifact doesn't exist (expected for new commits), the fetch-artifact action was using throw new Error() which causes GitHub Actions to report "Unhandled error" - confusing and noisy. Using core.setFailed() cleanly marks the step as failed without the scary error message. Fixes: DEV-1581 Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* Run container as non-root, simplify H2 setup * Permissions * add to bin/Dockerfile * Update Dockerfile Co-authored-by: metabase-bot[bot] <109303359+metabase-bot[bot]@users.noreply.github.com> * Update bin/docker/Dockerfile Co-authored-by: metabase-bot[bot] <109303359+metabase-bot[bot]@users.noreply.github.com> * bad bot :( * docs * bring back JAVA_TIMEZONE * don't hardcode default h2 directory in command * fix link * update openapi --------- Co-authored-by: metabase-bot[bot] <109303359+metabase-bot[bot]@users.noreply.github.com>
* security fixes
* Use actions dataset
Symptom:
We started having tests failing
like:
```
expected: {:has_more_values false,
:values [["African"] ["American"] ["Artisan"]]}
actual: {:has_more_values false, :values (("American") ("Artisan") ("Asian"))}
diff: - {:values [["African"] ["American"] ["Artisan"]]}
+ {:values [["American"] ["Artisan"] ["Asian"]]}
```
and
```
expected: {:has_more_values true,
:values [["African"] ["American"] ["Artisan"] ["Asian"] ["BBQ"]]}
actual: {:has_more_values true,
:values (("American")
("Artisan")
("Asian")
("BBQ")
("European Shop"))}
diff: - {:values [["African"] ["American"] ["Artisan"] ["Asian"] ["BBQ"]]}
+ {:values [["American"]
["Artisan"]
["Asian"]
["BBQ"]
["European Shop"]]}
```
Identify:
```
modified src/metabase/actions/execution.clj
@@ -35,6 +35,10 @@
[:model_id ::lib.schema.id/card]
[:dataset_query ::lib.schema/native-only-query]]
request-parameters]
+ (let [db-name (-> ((requiring-resolve 'metabase.test/db)) :name)]
+ (when-not (.startsWith db-name "actions-test-data")
+ (println clojure.test/*testing-vars*)
+ #_(clojure.repl/pst (Exception. "how here?") 500)))
(log/tracef "Executing action\n\n%s" (u/pprint-to-str action))
(try
(let [parameters (for [parameter (:parameters action)]
@@ -61,6 +65,10 @@
(defn- execute-custom-action! [action request-parameters]
(let [{action-type :type} action]
(actions/check-actions-enabled! action)
+ (let [db-name (-> ((requiring-resolve 'metabase.test/db)) :name)]
+ (when-not (.startsWith db-name "actions-test-data")
+ (println clojure.test/*testing-vars*)
+ #_(clojure.repl/pst (Exception. "how here?") 500)))
(let [model (t2/select-one :model/Card :id (:model_id action))]
(when (and (= action-type :query) (not= (:database_id model) (:database_id action)))
;; the above check checks the db of the model. We check the db of the query action here
@@ -165,8 +173,14 @@
(let [k (keyword (:kind action-instance))]
(legacy->current k k)))
+(require 'clojure.repl)
+
(defn- execute-implicit-action!
[action request-parameters]
+ (let [db-name (-> ((requiring-resolve 'metabase.test/db)) :name)]
+ (when-not (.startsWith db-name "actions-test-data")
+ (println clojure.test/*testing-vars*)
+ #_(clojure.repl/pst (Exception. "how here?") 500)))
(let [model-id (:model_id action)
implicit-action (parse-implicit-action action)
{:keys [query row-parameters]} (build-implicit-query action implicit-action request-parameters)
```
I modified the action execution to print out test vars that weren't
using the correct dataset. A few need cross datasets to ensure can't run
on different dbs, and a few don't matter because they assert that
permissions fail or data is missing. But this
execute-action-permission-test didn't, and it's last branch asserts
"Admin can still execute actions" and that seems to have been the cause
of our troubles
* Validate transform queries can be preprocessed * remove prn * update backend error messages * Add support for custom toggleTemplateTagEditor * Allow passing setTemplateTagConfig to TagEditorParam * Add support for storing parameter values when question changes * Add template-tags tab * Add template tag sidebar * Allow saving optional template tags or tags with a default value * Show error message on save * Add new spec for transform template tags * Avoid sharing state when navigating * Add combination test for template tag types in transforms * Add definitionTab helper * Add test for multiple template tags * Fix error message * Fix tooltips in test * Remove tooltip check in tests * Use getErrorMessage to get error message in toast * Only return message if it is not empty * Wrap error message in form * Use H.createTestNativeQuery helper * Move variableTemplateTags and isVariableTemplateTag to Lib * Use more conventional key to reset uistate * update backend error messages again * Revert "Wrap error message in form" This is now handled in the api This reverts commit 9efecaf. * Fix test --------- Co-authored-by: William Zimrin <william@metabase.com>
* feat(dashboard): move subscriptions to action menu * fix unit tests * fix e2e tests * fix console warning about uncontrolled component * fix more tests * fix remaining test * bring test back
* Enable the check_snippet endpoint * Param * Test * Test
…icker (#69631) * Adding dataPicker to embedding-data-picker redux store * Refactor: move `dataPicker` redux Move from interactive embedding store to embedding data picker store * Add `dataPicker` type for the SDK * Fix storybook id value * Accept `dataPicker` in modular embedding SDK * Make the doc more suitable for markdown table in the docs site * Add test for InteractiveQuestion * Fix drillThroughQuestionProps type * Add tests for drillThroughQuestionProps.dataPicker * Fix SDK components can't specify different `entityTypes` or `dataPicker` * Fix doc error * Fix comment grammar * Fix wrong file name * Clarify redux slice usage with a comment * Make context more specific to avoid misuse * Add `question` back to SDK's `entityTypes` on the API doc
Update generated docs (master) Co-authored-by: github-actions <github-actions@github.com>
enable automated patch releases
* fix: transforms collections set setting on import Also turns off the transforms sync setting if there are not transform related models in the import * fix: transform/snippet settings on collection sync Updates our check for 'did transforms or snippets change on remote' to examine collections in the respective namespaces so an import with only transform collections (or snippet collection) creates the correct settings on the importing instance. * fixup! better handling for custom vs builtin tags * fixup! better conflict checking of namespaced cols * fixup! explicit connectionb for token cache * fixup! PR feedback
Our frontend code that prevents sending unchanged collections missed tenant collections being added to the payload. This fixes both the frontend to make sure we don't send when there are no changed collections and it updates the backend actually check if collections are being changed rather than just checking if the collections map exists.
* Show Python upsell on self hosted * Add e2e tests * Fix unit test * Simplify TransformsUpsellPage a bit more, fix tests * Simplify logic * Fix e2e and unit test * Update self-hosted python upsell as per new design / Code clean up * Fix unit test and also add a new one for useTransformsBilling * Remove e2e tests to be moved to a new PR * Fix cta link and bullet points icon alignment
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Important
For those employed by Metabase: if you are merging into master, please add either a
backportor ano-backportlabelto this PR. You will not be able to merge until you do this step. Refer to the section Do I need to backport this
PR?
in the Metabase Branching Strategy document for more details. If you're not employed by Metabase, this section does not
apply to you, and the label will be taken care of by your reviewer.
Closes https://github.com/metabase/metabase/issues/[issue_number]
Description
Describe the overall approach and the problem being solved.
How to verify
Describe the steps to verify that the changes are working as expected.
Demo
Upload a demo video or before/after screenshots if sensible or remove the section
Checklist