Add upgrade-fab-provider skill and FAB contributing doc#69729
Merged
Conversation
Upgrading the pinned Flask-AppBuilder dependency is deceptively involved: the FAB provider vendors and subclasses large parts of FAB's security manager, so a bump must be reconciled against that vendored code, the alignment-test tripwire, and the generated provider README. Capturing the verified procedure as a skill — and a matching providers/fab/CONTRIBUTING.rst that points contributors at it and records past bumps — lets future FAB upgrades follow the same checklist instead of rediscovering it each time. The skill lives vendor-neutrally in .agents/skills with .claude and .github relays, matching the repository's existing skill layout.
e6975ff to
2cf9d1d
Compare
vincbeck
approved these changes
Jul 10, 2026
vincbeck
left a comment
Contributor
There was a problem hiding this comment.
LGTM, as we use it and encounter new cases, we'll iterate. Example: if FAB makes some modifications in models, we might need to update the models we vendor-in in providers/fab/src/airflow/providers/fab/auth_manager/models/__init__.py. But again, we could add that when that happens
shahar1
approved these changes
Jul 11, 2026
eladkal
approved these changes
Jul 11, 2026
Contributor
Backport successfully created: v3-3-testNote: As of Merging PRs targeted for Airflow 3.X In matter of doubt please ask in #release-management Slack channel.
|
github-actions Bot
pushed a commit
to aws-mwaa/upstream-to-airflow
that referenced
this pull request
Jul 11, 2026
…pache#69729) Upgrading the pinned Flask-AppBuilder dependency is deceptively involved: the FAB provider vendors and subclasses large parts of FAB's security manager, so a bump must be reconciled against that vendored code, the alignment-test tripwire, and the generated provider README. Capturing the verified procedure as a skill — and a matching providers/fab/CONTRIBUTING.rst that points contributors at it and records past bumps — lets future FAB upgrades follow the same checklist instead of rediscovering it each time. The skill lives vendor-neutrally in .agents/skills with .claude and .github relays, matching the repository's existing skill layout. (cherry picked from commit 621192d) Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
shahar1
pushed a commit
that referenced
this pull request
Jul 11, 2026
…69729) (#69756) Upgrading the pinned Flask-AppBuilder dependency is deceptively involved: the FAB provider vendors and subclasses large parts of FAB's security manager, so a bump must be reconciled against that vendored code, the alignment-test tripwire, and the generated provider README. Capturing the verified procedure as a skill — and a matching providers/fab/CONTRIBUTING.rst that points contributors at it and records past bumps — lets future FAB upgrades follow the same checklist instead of rediscovering it each time. The skill lives vendor-neutrally in .agents/skills with .claude and .github relays, matching the repository's existing skill layout. (cherry picked from commit 621192d) Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds the
upgrade-fab-provideragent skill and aproviders/fab/CONTRIBUTING.rstdeveloper doc.Upgrading the vendored Flask-AppBuilder dependency is deceptively involved — the FAB provider vendors and subclasses large parts of FAB's security manager, so a bump must be reconciled against that vendored code (enforced by
test_fab_alignment.py), and the generated provider README must be re-synced. The skill captures the verified end-to-end procedure (including the gotcha that a green alignment test does not prove a security fix inside a vendored method was handled); the contributing doc points contributors at it and records past bumps.The skill is vendor-neutral in
.agents/skills/upgrade-fab-providerwith.claude/and.github/relay symlinks, matching the repository's existing skill layout. It was authored and validated against the companion FAB 5.2.1 -> 5.2.2 bump.Was generative AI tooling used to co-author this PR?
Generated-by: Claude Code (Opus 4.8) following the guidelines