Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
jupyterlab_bokeh
Advanced tools
jupyterlab_bokeh
A JupyterLab extension for rendering Bokeh content
Prerequisites
- JupyterLab
Installation
To install the latest version:
jupyter labextension install jupyterlab_bokeh
To install a specific version:
jupyter labextension install jupyterlab_bokeh@x.y.x
Development
For a development install (requires npm version 4 or later), do the following in the repository directory:
npm install
jupyter labextension link .
To rebuild the package and the JupyterLab app:
npm run build
jupyter lab build
To incrementally rebuild the extension and JupyterLab after changes you can run
npm run watch
and in another terminal run
jupyter lab --watch
Testing
There is a directory named test_cases which contains a collection of notebooks that cover the various jupyterlab_bokeh functionalities. If you update the extension for new JupyterLab releases, please manually execute each and check that the expected behavior occurs. If you extend the jupyterlab_bokeh, please add a new notebook that covers the new functionality.
FAQs
A JupyterLab extension for rendering Bokeh content
We found that jupyterlab_bokeh demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 17 Oct 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025