Research
Security News
Malicious PyPI Package ‘pycord-self’ Targets Discord Developers with Token Theft and Backdoor Exploit
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
@jupyterlab/mainmenu
Advanced tools
A JupyterLab extension which provides the application menubar.
4.0.0 - Highlights
Below are the major highlights in JupyterLab 4.0.0.
CodeMirror, the text editor used for cells and file editors, has been updated to CodeMirror 6. This brings important accessibility and performance improvements as well as better customization capabilities. We have also improved the editor settings. Previously, users had to customize settings separately for each type of cell, the file editor, and the console editor. Now, you can change your settings in one place. It is now easier to use the default settings for all editors and to change some settings for specific cases. For example, you can now hide line numbers only for markdown cells.
Developers can now provide editor extensions, like themes and programming language parsers, through new application registries.
Starting with JupyterLab 3, extensions can be installed via Python packages (or other providers of prebuilt extensions).
In JupyterLab 4, building on this feature, the Extension Manager now includes extensions from pypi.org. This removes the build step from installation of extension when using Extension Manager.
Developers can provide an alternative package repository to display their own set of extensions.
The Search and Replace functionality has been improved with new features when searching in a notebook:
Some new elements have been added or changed in the UI:
JupyterLab is not yet fully accessible. Currently, we are focused on making Notebook 7 accessible. A big part of the code is shared, though, and the following accessibility improvements are in JupyterLab 4:
JupyterLab is now faster, thanks to the following improvements:
Notebook windowing might add side effects for example if some cell outputs are displaying iframes. Therefore it is not yet the default value. But we recommend user to switch to it and report bugs to help us polish it. To test it, you
need to set the user setting Notebook > Windowing mode to full
. If you have issues with notebook rendering, try changing back to defer
or none
. (none
should be used as a last resort, because it disables all optimizations.)
JupyterLab 3.6 already made significant improvements to the Real Time Collaboration (RTC) feature. The feature is now in a separate repository: jupyter_collaboration. The rationale is to limit the dependencies for users who don't need RTC. Separating RTC also helps organizations using JupyterLab that do not meet the specific requirements regarding file content management.
To enable RTC, install the jupyter-collaboration
package with either pip
or conda
.
pip install "jupyter-collaboration>=1.0.0a0"
RTC highlights in the standalone jupyter-collboration
package, version 1.0.0, include:
Here are the main tool updates that will benefit extension authors and developers:
We recommend using Node.js v18 or newer, because older versions will reach end of life in 2023 or earlier (see Node release schedule).
To ease code migration to JupyterLab 4, developers should review the migration guide. A few existing extensions have already been migrated and can be used as examples:
<!-- <START NEW CHANGELOG ENTRY> -->FAQs
JupyterLab - Main Menu
The npm package @jupyterlab/mainmenu receives a total of 16,331 weekly downloads. As such, @jupyterlab/mainmenu popularity was classified as popular.
We found that @jupyterlab/mainmenu demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.