Changelog for
python310-notebook-6.4.12-qubes.3.4.noarch.rpm :
* Tue Aug 02 2022 Ben Greiner
- Enforce libalternatives grouping for nbclassic alternatives gh#jupyter/notebook#6501
* Wed Jun 15 2022 Yogalakshmi Arunachalam - update to version 6.4.12:
* Address security advisory GHSA-v7vq-3x77-87vg
* CVE-2022-29238
* Mon Jun 06 2022 Ben Greiner - Update runtime requirements, clean up test requirements
* Mon Jun 06 2022 Timothy Brown - update to version 6.4.11:
* Bugs fixed + Update further to ipykernel comm refactoring
* Maintenance and upkeep improvements + Add testpath to the test dependencies + Temporary workaround to fix js-tests related to sanitizer js loading by phantomjs + Use place-hold.it instead of plaecehold.it to create image placeholders + Migrate to python 3.7+
* Thu Feb 17 2022 Arun Persaud - update to version 6.4.8:
* Bugs fixed + Fix to remove potential memory leak on Jupyter Notebooks ZMQChannelHandler code #6251 (AATTVishwajeet0510)
* Sun Jan 23 2022 Arun Persaud - specfile:
* update copyright year- update to version 6.4.7:
* Bugs fixed + Fix Chinese punctuation #6268 (AATTLiHua-Official) + Add date field to kernel message header #6265 (AATTkevin-bates) + Fix deprecation warning #6253 (AATTtornaria)
* Maintenance and upkeep improvements + Enforce labels on PRs #6235 (AATTblink1073) + Fix: CI error for python 3.6 & macOS #6215 (AATTpenguinolog)
* Other merged PRs + handle KeyError when get session #6245 (AATTccw630) + Updated doc for passwd #6209 (AATTantoinecarme)
* Sat Nov 27 2021 Arun Persaud - update to version 6.4.6:
* Bugs fixed + Fix asyncio error when opening notebooks #6221 (AATTdleen) + Change to use a universal Chinese translation on certain words [#6218] (AATTjackexu) + Fix Chinese translation typo #6211 (AATTmaliubiao + Fix send2trash tests failing on Windows #6127 (AATTdolfinus)
* Maintenance and upkeep improvements + TST: don\'t look in user site for serverextensions #6233 (AATTbnavigator) + Enable terminal tests as pywinpty is ported for python 3.9 #6228 (AATTnsait-linaro)
* Fri Nov 12 2021 Ben Greiner - Reenable libalternatives- Export PYTHONNOUSERSITE when testing for jupyter-core 4.9.1
* Thu Oct 28 2021 Ben Greiner - Revert the usage of libalternatives due to gh#openSUSE/libalternatives#11
* Wed Oct 20 2021 Stefan Schubert - Use libalternatives instead of update-alternatives.
* Wed Oct 20 2021 Ben Greiner - Update to version 6.4.5
* Recover from failure to render mimetype
* Fix crypto handling
* Fix jupyter_client warning
* Fix nbsphinx settings
* Fully revert the pinning of nbsphinx to 0.8.6
* Pin nbsphinx to 0.8.6, clean up orphaned resources
* Fix typo in docstring- Release 6.4.4
* Update Manual Release Instructions
* Use default JupyterLab CSS sanitizer options for Markdown
* Fix syntax highlight- Release 6.4.3
* Add AATTbabel/core dependency
* Switch webpack to production mode
* Clean up link checking- Release 6.4.2
* Add missing file to manifest
* Fix issue #3218
* Fix version of jupyter-packaging in pyproject.toml
* \"#element\".tooltip is not a function on home page fixed.
* Enhancements to the desktop entry
* Add missing spaces to help messages in config file- Release 6.4.0
* Fix Handling of Encoded Paths in Save As Dialog
* Fix: split_cell doesn\'t always split cell
* Correct \'Content-Type\' headers
* Fix skipped tests & remove deprecation warnings
* [Gateway] Track only this server\'s kernels
* Bind the HTTPServer in start #6061
* Revert \"do not apply asyncio patch for tornado >=6.1\"
* Use Jupyter Releaser
* Add Workflow Permissions for Lock Bot
* Fixes related to the recent changes in the documentation
* Add maths checks in CSS reference test
* Add Issue Lock and Answered Bots
* Spelling correction
* Minor typographical and comment changes
* Fixes related to the recent changes in the documentation
* Fix readthedocs environment- Release 6.3.0
* Add square logo and desktop entry files
* Modernize Changelog
* Add missing \"import inspect\"
* Add Codecov badge to README
* Remove configuration for nosetests from setup.cfg
* Update security.rst
* Docs-Translations: Updated Hindi and Chinese Readme.md
* Allow /metrics by default if auth is off
* Skip terminal tests on Windows 3.9+ (temporary)
* Update GatewayKernelManager to derive from AsyncMappingKernelManager
* Drop use of deprecated pyzmq.ioloop
* Drop support for Python 3.5
* Allow jupyter_server-based contents managers in notebook
* Russian translation fixes
* Increase culling test idle timeout
* Re-enable support for answer_yes flag
* Replace Travis and Appveyor with Github Actions
* DOC: Server extension, extra docs on configuration/authentication.- Silence rpmlint2
* Sun Feb 14 2021 Arun Persaud - specfile:
* update copyright year
* update tornado version requirement
* removed remove_nose.patch, included upstream- update to version 6.2.0:
* Increase minimum tornado version (:ghpull:`5933`)
* Adjust skip decorators to avoid remaining dependency on nose (:ghpull:`5932`)
* Ensure that cell ids persist after save (:ghpull:`5928`)
* Add reconnection to Gateway (form nb2kg) (:ghpull:`5924`)
* Fix some typos (:ghpull:`5917`)
* Handle TrashPermissionError, now that it exists (:ghpull:`5894`)- changes from version 6.1.6:
* do not require nose for testing (:ghpull:`5826`)
* [docs] Update Chinese and Hindi readme.md (:ghpull:`5823`)
* Add support for creating terminals via GET (:ghpull:`5813`)
* Made doc translations in Hindi and Chinese (:ghpull:`5787`)
* Sat Jan 09 2021 Benjamin Greiner - Don\'t test with pandoc on ix86
* Mon Dec 21 2020 Benjamin Greiner - Update to 6.1.5
* Fix open redirect vulnerability GHSA-c7vm-f5p4-8fqh (CVE to be assigned)- Changes for 6.1.4
* Fix broken links to jupyter documentation
* Add additional entries to troubleshooting section
* Revert change in page alignment
* Bug fix: remove double encoding in download files
* Fix typo for Check in zh_CN
* Require a file name in the \"Save As\" dialog- Changes for 6.1.3
* Title new buttons with label if action undefined- Changes for 6.1.2
* Fix russian message format for delete/duplicate actions
* Remove unnecessary import of bind_unix_socket
* Tooltip style scope fix- Changes for 6.1.1
* Prevent inclusion of requests_unixsocket on Windows- Changes for 6.1.0 Please note that this repository is currently maintained by a skeleton crew of maintainers from the Jupyter community. For our approach moving forward, please see this notice from the README. Thank you.
* Remove deprecated encoding parameter for Python 3.9 compatibility.
* Add support for async kernel management
* Fix typo in password_required help message
* Gateway only: Ensure launch and request timeouts are in sync
* Update Markdown Cells example to HTML5 video tag
* Integrated LoginWidget into edit to enable users to logout from the t…
* Update message about minimum Tornado version
* Logged notebook type
* Added nl language
* Add UNIX socket support to notebook server.
* Update CodeMirror dependency
* Tree added download multiple files
* Toolbar buttons tooltip: show help instead of label
* Remove unnecessary import of requests_unixsocket
* Add ability to cull terminals and track last activity
* Code refactoring notebook.js
* Install terminado for docs build
* Convert notifications JS test to selenium
* Add cell attachments to markdown example
* Add Japanese document
* Migrate Move multiselection test to selenium
* Use cmdtrl-enter to run a cell
* Fix broken \"Raw cell MIME type\" dialog
* Make a notebook writable after successful save-as
* Add actual watch script
* Added --autoreload flag to NotebookApp
* Enable check_origin on gateway websocket communication
* Restore detection of missing terminado package
* Culling: ensure last_activity attr exists before use
* Added functionality to allow filter kernels by Jupyter Enterprise Gat…
* \'Play\' icon for run-cell toolbar button
* Bump minimum version of jQuery to 3.5.0
* Remove old JS markdown tests, add a new one in selenium
* Add support for more RTL languages
* Make markdown cells stay RTL in edit mode
* Unforce RTL output display
* Fixed multicursor backspacing
* Implemented Split Cell for multicursor
* Alignment issue [FIXED]
* MathJax: Support for \\gdef
* Another (Minor) Duplicate Code Reduction
* Update readme regarding maintenance
* Document contents chunks
* Backspace deletes empty line
* The dropdown submenu at notebook page is not keyboard accessible
* Tooltips visible through keyboard navigation for specified buttons
* Fix for recursive symlink
* Fix for the terminal shutdown issue
* Add japanese translation files
* Workaround for socket permission errors on Cygwin
* Implement optional markdown header and footer files
* Remove double link when using custom_display_url
* Respect cell.is_editable during find-and-replace
* Fix exception causes all over the codebase (:ghpull:`5556`
* Improve login shell heuristics
* Added support for JUPYTER_TOKEN_FILE
* Kill notebook itself when server cull idle kernel
* Implement password hashing with bcrypt
* Fix broken links
* Russian internationalization support
* Add a metadata tag to override notebook direction (ltr/rtl)
* Paste two images from clipboard in markdown cell
* Add keyboard shortcuts to menu dropdowns
* Update codemirror to 5.56.0+components1- refresh remove_nose.patch based on gh#jupyter/notebook#5826- move the entrypoints to the flavored python package and make them alternatives- tag language files
* Thu Oct 22 2020 Matej Cepl - Add remove_nose.patch to remove dependency on nose (gh#jupyter/notebook#4753).
* Tue Jan 28 2020 Todd R - Update to 6.0.3
* Dependency updates to fix startup issues on Windows platform
* Add support for nbconvert 6.x
* Creation of recent tab- Use multibuild to separate out tests. The tests have some heavy dependencies the main package doesn\'t.- Drop documentation. These are mostly a relic of when the tests needed to be in a separate package, and since the docs are no longer versioned upstream keeping them synced with the main package is difficult.
* Wed Nov 13 2019 Todd R - jupyter_client renamed to jupyter-client- jupyter_core renamed to jupyter-core
* Mon Nov 11 2019 Todd R - Update to 6.0.2
* Update JQuery dependency to version 3.4.1 to fix security vulnerability (CVE-2019-11358)
* Update CodeMirror to version 5.48.4 to fix Python formatting issues
* Continue removing obsolete Python 2.x code/dependencies
* Multiple documentation updates- Update to 6.0.1
* Attempt to re-establish websocket connection to Gateway
* Add missing react-dom js to package data- Update to 6.0
* Remove Python 2.x support in favor of Python 3.5 and higher.
* Multiple accessibility enhancements and bug-fixes.
* Multiple translation enhancements and bug-fixes.
* Remove deprecated ANSI CSS styles.
* Native support to forward requests to Jupyter Gateway(s) (Embedded NB2KG).
* Use JavaScript to redirect users to notebook homepage.
* Enhanced SSL/TLS security by using PROTOCOL_TLS which selects the highest ssl/tls p rotocol version available that both the client and server support. When PROTOCOL_TLS is not available use PROTOCOL_SSLv23.
* Add ``?no_track_activity=1`` argument to allow API requests. to not be registered as activity (e.g. API calls by external activity monitors).
* Kernels shutting down due to an idle timeout is no longer considered an activity-updating event.
* Further improve compatibility with tornado 6 with improved checks for when websockets are closed.
* Launch the browser with a local file which redirects to the server address including the authentication token. This prevents another logged-in user from stealing the token from command line arguments and authenticating to the server. The single-use token previously used to mitigate this has been removed. Thanks to Dr. Owain Kenway for suggesting the local file approach.
* Respect nbconvert entrypoints as sources for exporters
* Update to CodeMirror to 5.37, which includes f-string syntax for Python 3.6.
* Update jquery-ui to 1.12
* Execute cells by clicking icon in input prompt.
* New \"Save as\" menu option.
* When serving on a loopback interface, protect against DNS rebinding by checking the ``Host`` header from the browser. This check can be disabled if necessary by setting ``NotebookApp.allow_remote_access``.
* Add kernel_info_timeout traitlet to enable restarting slow kernels.
* Add ``custom_display_host`` config option to override displayed URL.
* Add /metrics endpoint for Prometheus Metrics.
* Optimize large file uploads.
* Allow access control headers to be overriden in jupyter_notebook_config.py to support greater CORS and proxy configuration flexibility.
* Add support for terminals on windows.
* Add a \"restart and run all\" button to the toolbar.
* Frontend/extension-config: allow default json files in a .d directory.
* Allow setting token via jupyter_token env.
* Cull idle kernels using ``--MappingKernelManager.cull_idle_timeout``.
* Allow read-only notebooks to be trusted.
* Convert JS tests to Selenium.
* Tue May 28 2019 Jan Engelhardt - Use noun phrase in summary.
* Fri May 24 2019 Todd R - Add a jupyter-specific language package
* Wed May 22 2019 Todd R - Split directories and macros into separate package.- Make lang subpackage python version-specific
* Wed May 15 2019 Todd R - Add conflicts to jupyter subpackage to more explicitly handle file overlaps with old naming scheme.
* Thu Apr 25 2019 Todd R - Update to 5.7.8
* Fix regression in restarting kernels in 5.7.5. The restart handler would return before restart was completed.
* Further improve compatibility with tornado 6 with improved checks for when websockets are closed.
* Fix regression in 5.7.6 on Windows where .js files could have the wrong mime-type.
* Fix Open Redirect vulnerability (CVE-2019-10255) where certain malicious URLs could redirect from the Jupyter login page to a malicious site after a successful login. 5.7.7 contained only a partial fix for this issue.- Rename to to match python package naming guidelines.- Split jupyter components into own subpackage.- Add rpm macros.
* Mon Apr 01 2019 Todd R - Fix doc url
* Sat Mar 30 2019 Arun Persaud - update to version 5.7.7:
* Fix regression in restarting kernels in 5.7.5. The restart handler would return before restart was completed.
* Further improve compatibility with tornado 6 with improved checks for when websockets are closed.
* Fix regression in 5.7.6 on Windows where .js files could have the wrong mime-type.
* Fix Open Redirect vulnerability where certain malicious URLs could redirect from the Jupyter login page to a malicious site after a successful login. A CVE has been requested for this vulnerability.
* Sun Mar 10 2019 Arun Persaud - update to version 5.7.6:
* 5.7.6 contains a security fix for a cross-site inclusion (XSSI) vulnerability, where files at a known URL could be included in a page from an unauthorized website if the user is logged into a Jupyter server. The fix involves setting the X-Content-Type-Options: nosniff header, and applying CSRF checks previously on all non-GET API requests to GET requests to API endpoints and the /files/ endpoint. The attacking page is able to access some contents of files when using Internet Explorer through script errors, but this has not been demonstrated with other browsers. A CVE has been requested for this vulnerability.
* Sat Mar 09 2019 Arun Persaud - update to version 5.7.5:
* Fix compatibility with tornado 6 (:ghpull:`4392`, :ghpull:`4449`).
* Fix opening integer filedescriptor during startup on Python 2 (:ghpull:`4349`)
* Fix compatibility with asynchronous KernelManager.restart_kernel methods (:ghpull:`4412`)
* Fri Jan 11 2019 rolfAATTrotkraut.de- Update requirements: python-jupyter_core >= 4.4.0, python-terminado >= 0.8.1.
* Wed Jan 09 2019 Jan Engelhardt - Fix {name} -> %{name}
* Fri Jan 04 2019 Todd R - Update to 5.7.4
* fixes a bug introduced in 5.7.3, in which the ``list_running_servers()`` function attempts to parse HTML files as JSON, and consequently crashes (:ghpull:`4284`).- Update to 5.7.3
* Launch the browser with a local file which redirects to the server address including the authentication token (:ghpull:`4260`). This prevents another logged-in user from stealing the token from command line arguments and authenticating to the server. The single-use token previously used to mitigate this has been removed. Thanks to Dr. Owain Kenway for suggesting the local file approach.
* Upgrade bootstrap to 3.4, fixing an XSS vulnerability, which has been assigned `CVE-2018-14041 `_ (:ghpull:`4271`).