6.0.1
- Attempt to re-establish websocket connection to Gateway
- Add missing react-dom js to package data
6.0
This is the first major release of the Jupyter Notebook since version 5.0 (March 2017).
We encourage users to start trying JupyterLab, which has just announced it's 1.0 release in preparation
for a future transition.
- Remove Python 2.x support in favor of Python 3.5 and higher.
- Multiple accessibility enhancements and bug-fixes.
- Multiple translation enhancements and bug-fixes.
- Remove deprecated ANSI CSS styles.
- Native support to forward requests to Jupyter Gateway(s) (Embedded NB2KG).
- Use JavaScript to redirect users to notebook homepage.
- Enhanced SSL/TLS security by using PROTOCOL_TLS which selects the highest ssl/tls
protocol version available that both the client and server support. When PROTOCOL_TLS
is not available use PROTOCOL_SSLv23.
- Add ?no_track_activity=1 argument to allow API requests.
to not be registered as activity (e.g. API calls by external activity monitors).
- Kernels shutting down due to an idle timeout is no longer considered
an activity-updating event.
- Further improve compatibility with tornado 6 with improved
checks for when websockets are closed.
- Launch the browser with a local file which redirects to the server address including
the authentication token. This prevents another logged-in user from stealing the token
from command line arguments and authenticating to the server.
The single-use token previously used to mitigate this has been removed.
Thanks to Dr. Owain Kenway for suggesting the local file approach.
- Respect nbconvert entrypoints as sources for exporters
- Update to CodeMirror to 5.37, which includes f-string syntax for Python 3.6.
- Update jquery-ui to 1.12
- Execute cells by clicking icon in input prompt.
- New "Save as" menu option.
- When serving on a loopback interface, protect against DNS rebinding by
checking the Host header from the browser.
This check can be disabled if necessary by setting
NotebookApp.allow_remote_access.
(Disabled by default while we work out some Mac issues in :ghissue:3754).
- Add kernel_info_timeout traitlet to enable restarting slow kernels.
- Add custom_display_host config option to override displayed URL.
- Add /metrics endpoint for Prometheus Metrics.
- Optimize large file uploads.
- Allow access control headers to be overriden in jupyter_notebook_config.py to support
greater CORS and proxy configuration flexibility.
- Add support for terminals on windows.
- Add a "restart and run all" button to the toolbar.
- Frontend/extension-config: allow default json files in a .d directory.
- Allow setting token via jupyter_token env.
- Cull idle kernels using --MappingKernelManager.cull_idle_timeout.
- Allow read-only notebooks to be trusted.
- Convert JS tests to Selenium.
Security Fixes included in previous minor releases of Jupyter Notebook and also included in version 6.0.
- Fix Open Redirect vulnerability (CVE-2019-10255)
where certain malicious URLs could redirect from the Jupyter login page
to a malicious site after a successful login.
- Contains a security fix for a cross-site inclusion (XSSI) vulnerability (CVE-2019–9644),
where files at a known URL could be included in a page from an unauthorized website if
the user is logged into a Jupyter server. The fix involves setting the
X-Content-Type-Options: nosniff header, and applying CSRF checks previously on all
non-GET API requests to GET requests to API endpoints and the /files/ endpoint.
- Check Host header to more securely protect localhost deployments from DNS rebinding.
This is a pre-emptive measure, not fixing a known vulnerability.
Use .NotebookApp.allow_remote_access and .NotebookApp.local_hostnames to configure
access.
- Upgrade bootstrap to 3.4, fixing an XSS vulnerability, which has been
assigned CVE-2018-14041 <https://nvd.nist.gov/vuln/detail/CVE-2018-14041>_.
- Contains a security fix preventing malicious directory names
from being able to execute javascript.
- Contains a security fix preventing nbconvert endpoints from executing javascript with
access to the server API. CVE request pending.
Scrapy 1.7.3:
Enforce lxml 4.3.5 or lower for Python 3.4 (issue 3912, issue 3918).
Scrapy 1.7.2:
Fix Python 2 support (issue 3889, issue 3893, issue 3896).
Scrapy 1.7.1:
Re-packaging of Scrapy 1.7.0, which was missing some changes in PyPI.
Scrapy 1.7.0:
Highlights:
Improvements for crawls targeting multiple domains
A cleaner way to pass arguments to callbacks
A new class for JSON requests
Improvements for rule-based spiders
New features for feed exports
Backward-incompatible changes
429 is now part of the RETRY_HTTP_CODES setting by default
This change is backward incompatible. If you don’t want to retry 429, you must override RETRY_HTTP_CODES accordingly.
Crawler, CrawlerRunner.crawl and CrawlerRunner.create_crawler no longer accept a Spider subclass instance, they only accept a Spider subclass now.
Spider subclass instances were never meant to work, and they were not working as one would expect: instead of using the passed Spider subclass instance, their from_crawler method was called to generate a new instance.
Non-default values for the SCHEDULER_PRIORITY_QUEUE setting may stop working. Scheduler priority queue classes now need to handle Request objects instead of arbitrary Python data structures.
New features
A new scheduler priority queue, scrapy.pqueues.DownloaderAwarePriorityQueue, may be enabled for a significant scheduling improvement on crawls targetting multiple web domains, at the cost of no CONCURRENT_REQUESTS_PER_IP support (issue 3520)
A new Request.cb_kwargs attribute provides a cleaner way to pass keyword arguments to callback methods (issue 1138, issue 3563)
A new JSONRequest class offers a more convenient way to build JSON requests (issue 3504, issue 3505)
A process_request callback passed to the Rule constructor now receives the Response object that originated the request as its second argument (issue 3682)
A new restrict_text parameter for the LinkExtractor constructor allows filtering links by linking text (issue 3622, issue 3635)
A new FEED_STORAGE_S3_ACL setting allows defining a custom ACL for feeds exported to Amazon S3 (issue 3607)
A new FEED_STORAGE_FTP_ACTIVE setting allows using FTP’s active connection mode for feeds exported to FTP servers (issue 3829)
A new METAREFRESH_IGNORE_TAGS setting allows overriding which HTML tags are ignored when searching a response for HTML meta tags that trigger a redirect (issue 1422, issue 3768)
A new redirect_reasons request meta key exposes the reason (status code, meta refresh) behind every followed redirect (issue 3581, issue 3687)
The SCRAPY_CHECK variable is now set to the true string during runs of the check command, which allows detecting contract check runs from code (issue 3704, issue 3739)
A new Item.deepcopy() method makes it easier to deep-copy items (issue 1493, issue 3671)
CoreStats also logs elapsed_time_seconds now (issue 3638)
Exceptions from ItemLoader input and output processors are now more verbose (issue 3836, issue 3840)
Crawler, CrawlerRunner.crawl and CrawlerRunner.create_crawler now fail gracefully if they receive a Spider subclass instance instead of the subclass itself (issue 2283, issue 3610, issue 3872)
Bug fixes
process_spider_exception() is now also invoked for generators (issue 220, issue 2061)
System exceptions like KeyboardInterrupt are no longer caught (issue 3726)
ItemLoader.load_item() no longer makes later calls to ItemLoader.get_output_value() or ItemLoader.load_item() return empty data (issue 3804, issue 3819)
The images pipeline (ImagesPipeline) no longer ignores these Amazon S3 settings: AWS_ENDPOINT_URL, AWS_REGION_NAME, AWS_USE_SSL, AWS_VERIFY (issue 3625)
Fixed a memory leak in MediaPipeline affecting, for example, non-200 responses and exceptions from custom middlewares (issue 3813)
Requests with private callbacks are now correctly unserialized from disk (issue 3790)
FormRequest.from_response() now handles invalid methods like major web browsers
DIST_SUBDIR no longer contains version suffix to prevent distfiles clutter.
Changes since 1.28.1:
* DB-2245: merge with Firefox 68.0.2
* DB-2245: Update to 1.28.2
* DB-2250: fixed about dialog license link
* DB-2247: fix texts on Profile Downgrade dialog
* DB-2246: fallback to textValue as url value
Also remove legacy drivers only building against mxs112:
* x11/xf86-video-newport
* x11/xf86-video-modesetting (integrated into later X versions)
According to tnn, these are no longer useful.
* Originally kept for drm1 users (NetBSD 6).
* The one use case that actually worked was xf86-video-ati6.
* That driver has been patched to work with the new server ABI.
* DHCP: Work with IP headers with options
* script: Assert that env string are correctly terminated
* script: Terminate env strings with no value
* script: Don't attempt to use an invalid env string
* route: Fix NULL deference error when using static routes
* ARP: Respect IFF_NOARP
* DHCP: Add support for ARPHRD_NONE interfaces
* DHCP: Allow full DHCP support for PtP interfaces, but not by default
* DragonFlyBSD: 500704 announces IPv6 address flag changes
* control: sends correct buffer to listeners
DragonFlyBSD-500704 kernel has the functionality dhcpcd needs to compile without any warnings. There are still improvements to be made to the whole network stack, but none of them are dhcpcd specific.
dhcpcd-ui now correctly reports SSD association and all the addresses obtained (regression from dhcpcd-7)
dhcpcd now supports QMI interfaces in RawIP mode - this is basically PtP interface without any L2 frame header. Because PtP interfaces normally configure their address via a 3rd party tool (dhcpcd waits for this address to appear), DHCP is not enabled by default. You can now enable it like so
interface wwan0
dhcp
Or just add --dhcpcd on the command line.
Changes since 5.7.20:
* PKG_OPTIONS that are handled using patterns are correctly identified.
* Simple R packages should follow the canonical variable order.
* Fixed some edge cases for aligning variable assignments.
* Improved detection of allowed values for USE_LANGUAGES.
Changelog:
Features:
Added cert/key file configuration for TLS in kdig (Thanks to Alexander Schultz)
Improvements:
More verbose log message for offline-KSK signing
Module RRL logs affected source address subnet instead of only one source address
Extended DNSSEC policy configuration checks
Various improvements in the documentation
Bugfixes:
Excessive server load when maximum TCP clients limit is reached
Incorrect reply after zone update with a node changed from non-authoritative to delegation
Wrong error line number in a config file if it contains leading tab character
Config file error message contains unrelated parsing context
NSEC3 salt not updated when reconfigured to zero length
Kjournalprint sometimes prints a random value for per-zone occupation
Missing debug log for failed zone refresh triggered by zone notification
DS check not scheduled when reconfigured
Broken unit test on NetBSD 8.x
* Readd _OPENBSD_SOURCE explicitly to fix build on NetBSD 9
Changelog:
13 August 2019: Wouter
- Fix error message for out of zone data to have more information.
12 August 2019: Wouter
- Fix#33: Fix segfault in service of remaining streams on exit.
6 August 2019: Wouter
- Tag for 4.2.2rc1.
5 August 2019: Wouter
- PR #31: nsd-control: Add missing stdio header.
- PR #32: tsig: Fix compilation without HAVE_SSL.
- Cleanup tls context on xfrd exit.
31 July 2019: Wouter
- Fix#29: SSHFP check NULL pointer dereference.
- Fix#30: SSHFP check failure due to missing domain name.
- Fix to timeval_add in minievent for remaining second in microseconds.
22 July 2019: Wouter
- Set timeout for refetch immediately, only spread load when there
are retries.
19 July 2019: Wouter
- Set no renegotiation on the SSL context to stop client
session renegotiation.
18 July 2019: Wouter
- Fix#25: NSD doesn't refresh zones after extended downtime,
it refreshes the old zones, with a random delay of a couple of
seconds to spread the load.
- Fix so that expired zones stay expired when server is down a
long time.
17 July 2019: Wouter
- Fix that NSD warns for wrong length of the hash in SSHFP records.
15 July 2019: Wouter
- PR #23: Fix typo in nsd.conf man-page.
4 July 2019: Wouter
- Set version to 4.2.2 in development.
- clean memory on exit of nsd-checkzone for memory debug.
- Fix#20: CVE-2019-13207 Stack-based Buffer Overflow in the
dname_concatenate() function. Reported by Frederic Cambus.
It causes the zone parser to crash on a malformed zone file,
with assertions enabled, an assertion catches it.
- Fix#19: Out-of-bounds read caused by improper validation of
array index. Reported by Frederic Cambus. The zone parser
fails on type SIG because of mismatched definition with RRSIG.
2 July 2019: Wouter
- Tag for 4.2.1rc1
27 June 2019: Wouter
- Fix unit test for added options and no dot after zone updated
log message.
- Fix compile without accept4.
21 June 2019: Wouter
- Omit remaining tcp processing if the list is empty.
- Fix output of nsd-checkconf -h.
20 June 2019: Wouter
- Initialize event structures before event_set, to stop uninitialized
values from setting event library lists and assertions, that would
sometimes also show after event_del.
- Added num.tls and num.tls6 stat counters.
- PR #12: send-buffer-size, receive-buffer-size,
tcp-reject-overflow options for nsd.conf, from Jeroen Koekkoek.
- Do not use symbol from libc, instead use own replacement, if not
available, for accept4.
- Fix#14, tcp connections have 1/10 to be active and have to work
every second, and then they get time to complete during a reload,
this is a process that lingers with the old version during a version
update.
19 June 2019: Wouter
- Fix tls handshake event callback function mistake, reported
by Mykhailo Danylenko.
18 June 2019: Wouter
- Fix#15: crash in SSL library, initialize variables for TCP access
when TLS is configured.
14 June 2019: Wouter
- Fix to init event not pointer, in reassignment.
12 June 2019: Wouter
- Fix to init event structure for reassignment.
Version 2.4.2:
- Updated the shorthand notation that has been added for repetition
expressions: expr[min, max], with '...' valid as a min or max value:
- expr[...] and expr[0, ...] are equivalent to ZeroOrMore(expr)
- expr[1, ...] is equivalent to OneOrMore(expr)
- expr[n, ...] or expr[n,] is equivalent
to expr*n + ZeroOrMore(expr)
(read as "n or more instances of expr")
- expr[..., n] is equivalent to expr*(0, n)
- expr[m, n] is equivalent to expr*(m, n)
Note that expr[..., n] and expr[m, n] do not raise an exception
if more than n exprs exist in the input stream. If this
behavior is desired, then write expr[..., n] + ~expr.
Better interpretation of [...] as ZeroOrMore raised by crowsonkb,
thanks for keeping me in line!
If upgrading from 2.4.1 or 2.4.1.1 and you have used `expr[...]`
for `OneOrMore(expr)`, it must be updated to `expr[1, ...]`.
- The defaults on all the `__diag__` switches have been set to False,
to avoid getting alarming warnings. To use these diagnostics, set
them to True after importing pyparsing.
Example:
import pyparsing as pp
pp.__diag__.warn_multiple_tokens_in_named_alternation = True
- Fixed bug introduced by the use of __getitem__ for repetition,
overlooking Python's legacy implementation of iteration
by sequentially calling __getitem__ with increasing numbers until
getting an IndexError. Found during investigation of problem
reported by murlock, merci!
Version 3.6:
Changes
* removed unneeded parameter use_dynamic_patch
New Features
* support for src_dir_fd and dst_dir_fd arguments in os.rename,
os.replace and os.link
* added possibility to use modules instead of module names for the
additional_skip_names argument
* added argument allow_root_user to Patcher and UnitTest to allow
forcing non-root access
* added basic support for os.pipe
* added support for symlinks in add_real_directory
* added new public method add_real_symlink
Infrastructure
* added check for correctly installed Python 3 version in Travis.CI
Fixes
* fixed incorrect argument names for some os functions
* fake DirEntry now implements os.PathLike in Python >= 3.6
* fixed incorrect argument name for os.makedirs
* avoid pytest warning under Python 2.7
* add __next__ to FakeFileWrapper
5.6.0:
Significant Changes
Jupter Client Pin
The jupyter_client dependency is now pinned to >5.3.1. This is done to support the Parallel NBConvert below, and future versions may require interface changes from that version.
Parallel NBConvert
NBConvert --execute can now be run in parallel via threads, multiprocessing, or async patterns! This means you can now parallelize nbconvert via a bash loop, or a python concurrency pattern and it should be able to execute those notebooks in parallel.
Kernels have varying support for safe concurrent execution. The ipython kernel (ipykernel version 1.5.2 and higher) should be safe to run concurrently using Python 3. However, the Python 2 ipykernel does not always provide safe concurrent execution and sometimes fails with a socket bind exception. Unlike ipykernel which is maintained by the project, other community-maintained kernels may have varying support for concurrent execution, and these kernels were not tested heavily.
Issues for nbconvert can be viewed here:
.. note: We'll keep an eye for issues related to this new capability and try to quickly patch any discovered issues post release. The improvement required touching three projects with separate releases, so if you do find an issue try upgrading dependencies and listing your dependencies for your environment when reporting.
Execute Loop Rewrite
This release completely rewrote the execution loop responsible for monitoring kernel messages until cell execution is completed. This removes an error where kernel messages could be dropped if too many were posted too quickly. Furthermore, the change means that messages are not buffered. Now, messages can be logged immediately rather than waiting for the cell to terminate.
Comprehensive notes
New Features
- Make a default global location for custom user templates
- Parallel execution improvements
- Added store_history option to preprocess_cell and run_cell
- Simplify the function signature for preprocess()
- Set flag to not always stop kernel execution on errors
- setup_preprocessor passes kwargs to start_new_kernel
Fixing Problems
- Very fast stream outputs no longer drop some messages
- LaTeX errors now properly raise exceptions
- Improve template whitespacing
- Fixes for character in LaTeX exports and filters
- Mistune pinned in preparation for 2.0 release
- Require mock only on Python 2
- Fix selection of mimetype when converting to HTML
- Correct a few typos
- Update export_from_notebook names
- Dedenting html in ExtractOutputPreprocessor
- Fix backwards incompatibility with markdown2html
- Fixed html image tagging
- Remove unnecessary css
Testing, Docs, and Builds
- Pip-install nbconvert on readthedocs.org
- Fix various doc build issues
- Add issue templates
- Added instructions for bumping the version forward when releasing
- Fix Testing on Windows
- Refactored test_run_notebooks
- Fixed documentation typos
0.4:
* Add support for assertDictContainsSubset.
* Put parenthesis around expressions if required.
* Fixed assertRaisesRegex, assertRaisesRegexp and assertWarnsRegex.
The regex was getting replaced with an undefined variable pattern.
* Fix assertRaisesRegex and assertRaisesRegexp with **kwargs and
atom parameters.
* Made assertRaisesRegex, assertRaisesRegexp and assertWarnsRegex use
the match kwarg in pytest.raises instead of creating a variable
with the context manager and doing an assert on re.search.
* Add a short developer guide.
* Remove testing on Python 3.0, 3.1, 3.2, add 3.6 and 3.7.
* Distribute package as a universal wheel.
1.9.3
- **FIX**: [attr!=value] pattern was mistakenly using :not([attr|=value]) logic instead of :not([attr=value]).
- **FIX**: Remove undocumented _QUIRKS mode flag. Beautiful Soup was meant to use it to help with transition to Soup
Sieve, but never released with it. Help with transition at this point is no longer needed.
0.33.6:
- Fixed regression from 0.33.5 that broke building binary wheels against the
limited ABI
- Fixed egg2wheel compatibility with the future release of Python 3.10
0.33.5:
- Don't add the m ABI flag to wheel names on Python 3.8
- Updated MANIFEST.in to include many previously omitted files in the sdist
v0.8.1
Exiting with a SIGTERM exit code is fine when we sent it
When we forcefully close the subprocess with Popen.terminate(), we must not
complain that it returns an exit code of -15 (corresponding to SIGTERM).
v0.8.0
Speed improvements when iterating over gzipped files.
Note: It doesn't seem to be possible to build Mesa without X11 support yet.
While here,
- Fix building with non-modular X.
- Appease pkglint and my eyes.
5.1.2
5.1.2 fixes some socket-binding race conditions that caused testing failures in
nbconvert.
- Fix socket-binding race conditions
- Add a no-op ``flush`` method to ``DummySocket`` and comply with stream API
- Update kernel version to indicate kernel v5.3 support
- Add testing for upcoming Python 3.8 and PEP 570 positional parameters
5.3.1
- Fix bug with control channel socket introduced in 5.3.0
5.3.0
New Features:
- Multiprocessing and Threading support
- Setup package long_description
Changes:
- Control channel now in the public API
- Closing Jupyter Client is now faster
- Pip support improvements
Breaking changes:
- Dropped support for Python 3.3 and 3.4 (upstream packages dropped support already)
0.3.12:
Add support for (preliminary) low latency protocol extensions
Fix quote handling on ASSOC-LANGUAGE and INSTREAM-ID
Don't assume EXTINF titles are quoted
