--- - branch: MAIN date: Thu Nov 29 18:34:12 UTC 2018 files: - new: '1.3' old: '1.2' path: pkgsrc/www/py-notebook/ALTERNATIVES pathrev: pkgsrc/www/py-notebook/ALTERNATIVES@1.3 type: modified - new: '1.9' old: '1.8' path: pkgsrc/www/py-notebook/Makefile pathrev: pkgsrc/www/py-notebook/Makefile@1.9 type: modified - new: '1.7' old: '1.6' path: pkgsrc/www/py-notebook/PLIST pathrev: pkgsrc/www/py-notebook/PLIST@1.7 type: modified - new: '1.7' old: '1.6' path: pkgsrc/www/py-notebook/distinfo pathrev: pkgsrc/www/py-notebook/distinfo@1.7 type: modified id: 20181129T183412Z.0e813e5105d36ccc7f3f799131583b1afebbe11e log: | py-notebook: updated to 5.7.2 5.7.2 5.7.2 contains a security fix preventing malicious directory names from being able to execute javascript. CVE request pending. 5.7.1 5.7.1 contains a security fix preventing nbconvert endpoints from executing javascript with access to the server API. CVE request pending. 5.7.0 New features: - Update to CodeMirror to 5.37, which includes f-string sytax for Python 3.6 - Update jquery-ui to 1.12 - Check Host header to more securely protect localhost deployments from DNS rebinding. This is a pre-emptive measure, not fixing a known vulnerability Use .NotebookApp.allow_remote_access and .NotebookApp.local_hostnames to configure access. - Allow access-control-allow-headers to be overridden - Allow configuring max_body_size and max_buffer_size - Allow configuring get_secure_cookie keyword-args - Respect nbconvert entrypoints as sources for exporters - Include translation sources in source distributions - Various improvements to documentation Fixing problems: - Fix breadcrumb link when running with a base url - Fix possible type error when closing activity stream - Disable metadata editing for non-editable cells - Fix some styling and alignment of prompts caused by regressions in 5.6.0. - Enter causing page reload in shortcuts editor - Fix uploading to the same file twice module: pkgsrc subject: 'CVS commit: pkgsrc/www/py-notebook' unixtime: '1543516452' user: adam