Jupyter notebook changelog¶
A summary of changes in the Jupyter notebook. For more detailed information, see GitHub.
pip install notebook --upgrade or
conda upgrade notebook to
upgrade to the latest release.
4.3.1 is a patch release with a security patch, a couple bug fixes, and improvements to the newly-released token authentication.
- CVE-2016-9971. Fix CSRF vulnerability, where malicious forms could create untitled files and start kernels (no remote execution or modification of existing files) for users of certain browsers (Firefox, Internet Explorer / Edge). All previous notebook releases are affected.
- Fix carriage return handling
- Make the font size more robust against fickle browsers
- Ignore resize events that bubbled up and didn’t come from window
- Add Authorization to allowed CORS headers
- Downgrade CodeMirror to 5.16 while we figure out issues in Safari
- Better docs for token-based authentication
- Further highlight token info in log output when autogenerated
4.3 is a minor release with many bug fixes and improvements.
The biggest user-facing change is the addition of token authentication,
which is enabled by default.
A token is generated and used when your browser is opened automatically,
so you shouldn’t have to enter anything in the default circumstances.
If you see a login page
(e.g. by switching browsers, or launching on a new port with
you get a login URL with the token from the command
jupyter notebook list,
which you can paste into your browser.
- API for creating mime-type based renderer extensions using
Notebook.render_cell_outputmethods. See mimerender-cookiecutter for reference implementations and cookiecutter.
- Enable token authentication by default. See Security in the Jupyter notebook server for more details.
- Update security docs to reflect new signature system
- Switched from term.js to xterm.js
- Ensure variable is set if exc_info is falsey
- Catch and log handler exceptions in
- Add debug log for static file paths
- Don’t check origin on token-authenticated requests
- Remove leftover print statement
- Fix highlighting of Python code blocks
json_errorsshould be outermost decorator on API handlers
- Fix remove old nbserver info files
- Fix notebook mime type on download links
- Fix carriage symbol bahvior
- Fix terminal styles
- Update dead links in docs
- If kernel is broken, start a new session
- Include cross-origin check when allowing login URL redirects
- Allow JSON output data with mime type “application/*+json”
- Allow kernelspecs to have spaces in them for backward compat
- Allow websocket connections from scripts
- Upgrade CodeMirror to 5.21
- Upgrade xterm to 2.1.0
- Docs for using comms
dirtyflag when output arrives
ws-urldata attribute when accessing a notebook terminal
- Add base aliases for nbextensions
@operator in CodeMirror IPython mode
- Extend mathjax_url docstring
- Load nbextension in predictable order
- Improve the error messages for nbextensions
- Include cross-origin check when allowing login URL redirects
4.2.3 is a small bugfix release on 4.2.
- Fix regression in 4.2.2 that delayed loading custom.js
app_initializedevents have fired.
- Fix some outdated docs and links.
4.2.3 on GitHub.
4.2.2 is a small bugfix release on 4.2, with an important security fix. All users are strongly encouraged to upgrade to 4.2.2.
- Fix missing POST in OPTIONS responses.
- Fix for downloading non-ascii filenames.
- Avoid clobbering ssl_options, so that users can specify more detailed SSL configuration.
- Fix inverted load order in nbconfig, so user config has highest priority.
- Improved error messages here and there.
4.2.2 on GitHub.
4.2.1 is a small bugfix release on 4.2. Highlights:
- Compatibility fixes for some versions of ipywidgets
- Fix for ignored CSS on Windows
- Fix specifying destination when installing nbextensions
4.2.1 on GitHub.
Release 4.2 adds a new API for enabling and installing extensions. Extensions can now be enabled at the system-level, rather than just per-user. An API is defined for installing directly from a Python package, as well.
- Upgrade MathJax to 2.6 to fix vertical-bar appearing on some equations.
- Restore ability for notebook directory to be root (4.1 regression)
- Large outputs are now throttled, reducing the ability of output floods to kill the browser.
- Fix the notebook ignoring cell executions while a kernel is starting by queueing the messages.
- Fix handling of url prefixes (e.g. JupyterHub) in terminal and edit pages.
- Support nested SVGs in output.
And various other fixes and improvements.
- Properly reap zombie subprocesses
- Fix cross-origin problems
- Fix double-escaping of the base URL prefix
- Handle invalid unicode filenames more gracefully
- Fix ANSI color-processing
- Send keepalive messages for web terminals
- Fix bugs in the notebook tour
Moved the cell toolbar selector into the View menu. Added a button that triggers a “hint” animation to the main toolbar so users can find the new location. (Click here to see a screencast )
Added Restart & Run All to the Kernel menu. Users can also bind it to a keyboard shortcut on action
Added multiple-cell selection. Users press
Shift-K/Jto extend selection in command mode. Various actions such as cut/copy/paste, execute, and cell type conversions apply to all selected cells.
Added a command palette for executing Jupyter actions by name. Users press
Cmd/Ctrl-Shift-Por click the new command palette icon on the toolbar.
Added a Find and Replace dialog to the Edit menu. Users can also press
Fin command mode to show the dialog.
- Custom KernelManager methods can be Tornado coroutines, allowing async operations.
- Make clearing output optional when rewriting input with
- Added support for TLS client authentication via
- Added tags to
jupyter/notebookreleases on DockerHub.
latestcontinues to track the master branch.
- fix installation of mathjax support files
- fix some double-escape regressions in 4.0.5
- fix a couple of cases where errors could prevent opening a notebook
Security fixes for maliciously crafted files.
Thanks to Jonathan Kamens at Quantopian and Juan Broullón for the reports.
- Fix inclusion of mathjax-safe extension
- Fix launching the notebook on Windows
- Fix the path searched for frontend config
First release of the notebook as a standalone package.