
Research
Security News
Lazarus Strikes npm Again with New Wave of Malicious Packages
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
jupyter-widget-echo-testing
Advanced tools
A Custom Jupyter Widget Library
You can install using pip
:
pip install jupyter_widget_echo_testing
If you are using Jupyter Notebook 5.2 or earlier, you may also need to enable the nbextension:
jupyter nbextension enable --py [--sys-prefix|--user|--system] jupyter_widget_echo_testing
Create a dev environment:
conda create -n jupyter_widget_echo_testing-dev -c conda-forge nodejs yarn python jupyterlab
conda activate jupyter_widget_echo_testing-dev
Install the python. This will also build the TS package.
pip install -e ".[test, examples]"
When developing your extensions, you need to manually enable your extensions with the notebook / lab frontend. For lab, this is done by the command:
jupyter labextension develop --overwrite .
yarn run build
For classic notebook, you need to run:
jupyter nbextension install --sys-prefix --symlink --overwrite --py jupyter_widget_echo_testing
jupyter nbextension enable --sys-prefix --py jupyter_widget_echo_testing
Note that the --symlink
flag doesn't work on Windows, so you will here have to run
the install
command every time that you rebuild your extension. For certain installations
you might also need another flag instead of --sys-prefix
, but we won't cover the meaning
of those flags here.
If you use JupyterLab to develop then you can watch the source directory and run JupyterLab at the same time in different terminals to watch for changes in the extension's source and automatically rebuild the widget.
# Watch the source directory in one terminal, automatically rebuilding when needed
yarn run watch
# Run JupyterLab in another terminal
jupyter lab
After a change wait for the build to finish and then refresh your browser and the changes should take effect.
If you make a change to the python code then you will need to restart the notebook kernel to have it take effect.
FAQs
A Custom Jupyter Widget Library
We found that jupyter-widget-echo-testing demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
Security News
Socket CEO Feross Aboukhadijeh discusses the open web, open source security, and how Socket tackles software supply chain attacks on The Pair Program podcast.
Security News
Opengrep continues building momentum with the alpha release of its Playground tool, demonstrating the project's rapid evolution just two months after its initial launch.