Bumps the pip group with 1 update in the /src/file-utils directory: numpy.
Bumps the pip group with 1 update in the /src/google-classroom-extractor directory: protobuf.
Bumps the pip group with 4 updates in the /src/notebooks directory: ipython, jupyter-core, nbconvert and notebook.
Bumps the pip group with 1 update in the /src/sql-adapter directory: requests.
A summary of changes in the Jupyter notebook. For more detailed
information, see GitHub.
Use pip install notebook --upgrade or conda upgrade notebook to
upgrade to the latest release.
We strongly recommend that you upgrade pip to version 9+ of pip before
upgrading notebook.
Use pip install pip --upgrade to upgrade pip. Check pip version with
pip --version.
v7.1
Jupyter Notebook 7.1 is based on JupyterLab 4.1, and includes a number of new features, bug fixes, and enhancements for extension developers. This release is compatible with extensions supporting JupyterLab 4.0. Extension authors are recommended to consult the Extension Migration Guide which lists deprecations and changes to the public API.
Below are a few highlights for this new release. Most of the new features and improvements come from the update to JupyterLab 4.1, although they are not all supported in Notebook 7.1.
Matching GitHub-Flavoured Markdown, JupyterLab 4.1 now supports Mermaid diagrams.
To create a mermaid diagram use the mermaid language specifier for a code block in a markdown cell or document, for example:
```mermaid
flowchart LR
A[Hard] -->|Text| B(Round)
B --> C{Decision}
C -->|One| D[Result 1]
C -->|Two| E[Result 2]
</code></pre>
<p>which renders as:</p>
<!-- raw HTML omitted -->
<h3>Inline completer</h3>
<p>JupyterLab now supports completion presented as ghost text in the cell and file editors,
allowing generative AI models to provide multi-line completions. This can now also be leveraged in Jupyter Notebook.</p>
<p>The suggestions are provided by plugins implementing the <code>IInlineCompletionProvider</code> API;
by default a single provider which uses kernel history is available.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/jupyter/notebook/commit/aee45355b568650cf650f4e2d3d551570655f844"><code>aee4535</code></a> Release 6.4.12</li>
<li><a href="https://github.com/jupyter/notebook/commit/a161ffac6bfff2491fe5c4e9f6111256b8b57f08"><code>a161ffa</code></a> Merge pull request from GHSA-v7vq-3x77-87vg</li>
<li><a href="https://github.com/jupyter/notebook/commit/b79702ccdbc40a1fda5a87a3f73854e8267529e6"><code>b79702c</code></a> updated error messages to not mention hidden files</li>
<li><a href="https://github.com/jupyter/notebook/commit/cb3dc22f0f152c1dcbcdb1aa3514748758f432a8"><code>cb3dc22</code></a> Update notebook/services/contents/filemanager.py</li>
<li><a href="https://github.com/jupyter/notebook/commit/1c3d7a60cd16deddba5b1344f5c94f967ba682d8"><code>1c3d7a6</code></a> added hidden checks on handlers.py and accompanying tests</li>
<li><a href="https://github.com/jupyter/notebook/commit/f69eb96cff7149b38bca068f4b7faaa7baf55902"><code>f69eb96</code></a> added hidden checks on FileContentsManager and accompanying tests</li>
<li><a href="https://github.com/jupyter/notebook/commit/2a76184f46ed6a7afcdd01e9ba660010abb9c977"><code>2a76184</code></a> add checks for hidden file or path on file get</li>
<li><a href="https://github.com/jupyter/notebook/commit/920c5cc3745cebceed8e77380164d126d7f92ca9"><code>920c5cc</code></a> Merge pull request <a href="https://redirect.github.com/jupyter/notebook/issues/6421">#6421</a> from RRosio/update-version</li>
<li><a href="https://github.com/jupyter/notebook/commit/d4eb85d0f9e2845d0889ef8a19486b96c850cba9"><code>d4eb85d</code></a> updating version to show dev</li>
<li><a href="https://github.com/jupyter/notebook/commit/8109251477fd813c1b94c6b0c7fbb9e051512b44"><code>8109251</code></a> Publish 6.4.11</li>
<li>Additional commits viewable in <a href="https://github.com/jupyter/notebook/compare/6.3.0...6.4.12">compare view</a></li>
</ul>
</details>
<br />
Updates `protobuf` from 3.16.0 to 3.18.3
Release notes
Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
forwarding of Proxy-Authorization headers to destination servers when
following HTTPS redirects.
When proxies are defined with user info (https://user:pass@proxy:8080), Requests
will construct a Proxy-Authorization header that is attached to the request to
authenticate with the proxy.
In cases where Requests receives a redirect response, it previously reattached
the Proxy-Authorization header incorrectly, resulting in the value being
sent through the tunneled connection to the destination server. Users who rely on
defining their proxy credentials in the URL are strongly encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
credentials once the change has been fully deployed.
Users who do not use a proxy or do not supply their proxy credentials through
the user information portion of their proxy URL are not subject to this
vulnerability.
Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
forwarding of Proxy-Authorization headers to destination servers when
following HTTPS redirects.
When proxies are defined with user info (https://user:pass@proxy:8080), Requests
will construct a Proxy-Authorization header that is attached to the request to
authenticate with the proxy.
In cases where Requests receives a redirect response, it previously reattached
the Proxy-Authorization header incorrectly, resulting in the value being
sent through the tunneled connection to the destination server. Users who rely on
defining their proxy credentials in the URL are strongly encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
credentials once the change has been fully deployed.
Users who do not use a proxy or do not supply their proxy credentials through
the user information portion of their proxy URL are not subject to this
vulnerability.
IMPORTANT: This release fixes a security vulnerability in the
parser where a regular expression vulnerable to ReDOS (Regular
Expression Denial of Service) was used. See the security advisory
for details: https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
The vulnerability was discovered by @erik-krogh from GitHub
Security Lab (GHSL). Thanks for reporting!
Bug Fixes
Revert a change from 0.4.0 that changed IN to be a comparison (issue694).
The primary expectation is that IN is treated as a keyword and not as a
comparison operator. That also follows the definition of reserved keywords
for the major SQL syntax definitions.
Fix regular expressions for string parsing.
Other
sqlparse now uses pyproject.toml instead of setup.cfg (issue685).
Release 0.4.3 (Sep 23, 2022)
Enhancements
Add support for DIV operator (pr664, by chezou).
Add support for additional SPARK keywords (pr643, by mrmasterplan).
Avoid tokens copy (pr622, by living180).
Add REGEXP as a comparision (pr647, by PeterSandwich).
Add DISTINCTROW keyword for MS Access (issue677).
Improve parsing of CREATE TABLE AS SELECT (pr662, by chezou).
Bug Fixes
Fix spelling of INDICATOR keyword (pr653, by ptld).
Fix formatting error in EXTRACT function (issue562, issue670, pr676, by ecederstrand).
Fix bad parsing of create table statements that use lower case (issue217, pr642, by mrmasterplan).
Handle backtick as valid quote char (issue628, pr629, by codenamelxl).
Allow any unicode character as valid identifier name (issue641).
Other
Update github actions to test on Python 3.10 as well (pr661, by cclaus).
NumPy 1.22.0 is a big release featuring the work of 153 contributors
spread over 609 pull requests. There have been many improvements,
highlights are:
Annotations of the main namespace are essentially complete. Upstream
is a moving target, so there will likely be further improvements,
but the major work is done. This is probably the most user visible
enhancement in this release.
A preliminary version of the proposed Array-API is provided. This is
a step in creating a standard collection of functions that can be
used across application such as CuPy and JAX.
NumPy now has a DLPack backend. DLPack provides a common interchange
format for array (tensor) data.
New methods for quantile, percentile, and related functions. The
new methods provide a complete set of the methods commonly found in
the literature.
A new configurable allocator for use by downstream projects.
These are in addition to the ongoing work to provide SIMD support for
commonly used functions, improvements to F2PY, and better documentation.
The Python versions supported in this release are 3.8-3.10, Python 3.7
has been dropped. Note that 32 bit wheels are only provided for Python
3.8 and 3.9 on Windows, all other wheels are 64 bits on account of
Ubuntu, Fedora, and other Linux distributions dropping 32 bit support.
All 64 bit wheels are also linked with 64 bit integer OpenBLAS, which should fix
the occasional problems encountered by folks using truly huge arrays.
Expired deprecations
Deprecated numeric style dtype strings have been removed
Using the strings "Bytes0", "Datetime64", "Str0", "Uint32",
and "Uint64" as a dtype will now raise a TypeError.
Expired deprecations for loads, ndfromtxt, and mafromtxt in npyio
numpy.loads was deprecated in v1.15, with the recommendation that
users use pickle.loads instead. ndfromtxt and mafromtxt were both
deprecated in v1.17 - users should use numpy.genfromtxt instead with
the appropriate value for the usemask parameter.
Bumps the pip group with 8 updates in the /docs/demonstration directory:
7.23.18.10.04.7.14.11.26.0.76.5.16.3.06.4.123.16.03.18.31.10.01.11.02.25.12.31.00.4.10.4.4Bumps the pip group with 1 update in the /src/file-utils directory: numpy. Bumps the pip group with 1 update in the /src/google-classroom-extractor directory: protobuf. Bumps the pip group with 4 updates in the /src/notebooks directory: ipython, jupyter-core, nbconvert and notebook. Bumps the pip group with 1 update in the /src/sql-adapter directory: requests.
Updates
ipythonfrom 7.23.1 to 8.10.0Commits
15ea1edrelease 8.10.0560ad10DOC: Update what's new for 8.10 (#13939)7557adeDOC: Update what's new for 8.10385d693Merge pull request from GHSA-29gw-9793-fvw7e548ee2Swallow potential exceptions from showtraceback() (#13934)0694b08MAINT: mock slowest test. (#13885)8655912MAINT: mock slowest test.a011765Isolate the attack tests with setUp and tearDown methodsc7a9470Add some regression tests for this changefd34cf5Swallow potential exceptions from showtraceback()Updates
jupyter-corefrom 4.7.1 to 4.11.2Release notes
Sourced from jupyter-core's releases.
Changelog
Sourced from jupyter-core's changelog.
... (truncated)
Commits
a8eac8cRelease 4.11.21118c8cMerge pull request from GHSA-m678-f26j-3hrpd3f61f3Release 4.11.1e7eeb9eFix inclusion of jupyter file and check in CI (#276)035bf11Release 4.11.045aa28b[pre-commit.ci] pre-commit autoupdate (#273)73401cc[pre-commit.ci] pre-commit autoupdate (#272)bc6b771is_hidden: Use normalized paths (#271)be38e52[pre-commit.ci] pre-commit autoupdate (#270)7b790d8[pre-commit.ci] pre-commit autoupdate (#269)Updates
nbconvertfrom 6.0.7 to 6.5.1Release notes
Sourced from nbconvert's releases.
... (truncated)
Changelog
Sourced from nbconvert's changelog.
... (truncated)
Commits
7471b75Release 6.5.1c1943e0Fix pre-commit8685e93Fix tests0abf290Run black and prettier418d545Run test on 6.x branchbef65d7Convert input to string prior to escape HTML0818628Check input type before escapingb206470GHSL-2021-1017, GHSL-2021-1020, GHSL-2021-1021a03cbb8GHSL-2021-1026, GHSL-2021-102548fe71eGHSL-2021-1024Updates
notebookfrom 6.3.0 to 6.4.12Release notes
Sourced from notebook's releases.
... (truncated)
Changelog
Sourced from notebook's changelog.