Remove dagReports API endpoint
#56609
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The `/api/v2/dagReports` endpoint loaded user DAG files directly in the API server process via DagBag, violating Airflow's core architectural principle that the API server must never execute user code. The endpoint was not used by the UI and had no known consumers. Users needing DAG loading reports should use the `airflow dags report` CLI command instead, which runs in an isolated process designed to safely execute user code.
kaxil
requested review from
bbovenzi,
bugraoz93,
ephraimbuddy,
jason810496,
jscheffl,
pierrejeambrun,
rawwar,
ryanahamilton and
shubhamraj-git
as code owners
boring-cyborg
bot
added
area:API
jason810496
approved these changes
Oct 14, 2025
Lee-W
approved these changes
Oct 14, 2025
pierrejeambrun
added
the
backport-to-v3-1-test
Backport failed to create: v3-1-test. View the failure log Run details
You can attempt to backport this manually by running: cherry_picker 828aaa0 v3-1-testThis should apply the commit to the v3-1-test branch and leave the commit in conflict state marking After you have resolved the conflicts, you can continue the backport process by running: cherry_picker --continue |
potiuk
pushed a commit
to potiuk/airflow
that referenced
this pull request
Oct 14, 2025
The `/api/v2/dagReports` endpoint loaded user DAG files directly in the API server process via DagBag, violating Airflow's core architectural principle that the API server must never execute user code. The endpoint was not used by the UI and had no known consumers. Users needing DAG loading reports should use the `airflow dags report` CLI command instead, which runs in an isolated process designed to safely execute user code. (cherry picked from commit 828aaa0) Co-authored-by: Kaxil Naik <[email protected]>
|
Backport in #56621 |
potiuk
added a commit
that referenced
this pull request
Oct 14, 2025
The `/api/v2/dagReports` endpoint loaded user DAG files directly in the API server process via DagBag, violating Airflow's core architectural principle that the API server must never execute user code. The endpoint was not used by the UI and had no known consumers. Users needing DAG loading reports should use the `airflow dags report` CLI command instead, which runs in an isolated process designed to safely execute user code. (cherry picked from commit 828aaa0) Co-authored-by: Kaxil Naik <[email protected]>
abdulrahman305 bot
pushed a commit
to abdulrahman305/airflow
that referenced
this pull request
Oct 15, 2025
The `/api/v2/dagReports` endpoint loaded user DAG files directly in the API server process via DagBag, violating Airflow's core architectural principle that the API server must never execute user code. The endpoint was not used by the UI and had no known consumers. Users needing DAG loading reports should use the `airflow dags report` CLI command instead, which runs in an isolated process designed to safely execute user code.
abdulrahman305 bot
pushed a commit
to abdulrahman305/airflow
that referenced
this pull request
Oct 17, 2025
The `/api/v2/dagReports` endpoint loaded user DAG files directly in the API server process via DagBag, violating Airflow's core architectural principle that the API server must never execute user code. The endpoint was not used by the UI and had no known consumers. Users needing DAG loading reports should use the `airflow dags report` CLI command instead, which runs in an isolated process designed to safely execute user code.
abdulrahman305 bot
pushed a commit
to abdulrahman305/airflow
that referenced
this pull request
Oct 19, 2025
The `/api/v2/dagReports` endpoint loaded user DAG files directly in the API server process via DagBag, violating Airflow's core architectural principle that the API server must never execute user code. The endpoint was not used by the UI and had no known consumers. Users needing DAG loading reports should use the `airflow dags report` CLI command instead, which runs in an isolated process designed to safely execute user code.
TyrellHaywood
pushed a commit
to TyrellHaywood/airflow
that referenced
this pull request
Oct 22, 2025
The `/api/v2/dagReports` endpoint loaded user DAG files directly in the API server process via DagBag, violating Airflow's core architectural principle that the API server must never execute user code. The endpoint was not used by the UI and had no known consumers. Users needing DAG loading reports should use the `airflow dags report` CLI command instead, which runs in an isolated process designed to safely execute user code.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The
/api/v2/dagReportsendpoint loaded user DAG files directly in the API server process via DagBag, violating Airflow's core architectural principle that the API server must never execute user code.The endpoint was not used by the UI and had no known consumers. Users needing DAG loading reports should use the
airflow dags reportCLI command instead, which runs in an isolated process designed to safely execute user code.^ Add meaningful description above
Read the Pull Request Guidelines for more information.
In case of fundamental code changes, an Airflow Improvement Proposal (AIP) is needed.
In case of a new dependency, check compliance with the ASF 3rd Party License Policy.
In case of backwards incompatible changes please leave a note in a newsfragment file, named
{pr_number}.significant.rstor{issue_number}.significant.rst, in airflow-core/newsfragments.