build(deps-dev): bump jupyterlab from 3.5.3 to 3.6.8

[dependabot]

Bumps jupyterlab from 3.5.3 to 3.6.8.

Release notes

Sourced from jupyterlab's releases.

v3.6.8

3.6.8

(Full Changelog)

Bugs fixed

• Fix workspaces loading #15842 (@​krassowski)

Maintenance and upkeep improvements

• Run Python tests on MacOS with Python 12, replace canvas with jest-canvas-mock #16314 (@​krassowski)
• Ignore empty stdout data when logging in verdaccio #16459 (@​fcollonval)
• Install Firefox from brew on Mac on CI #16245 (@​krassowski)

Documentation improvements

• Run Python tests on MacOS with Python 12, replace canvas with jest-canvas-mock #16314 (@​krassowski)
• Remove SO links, add more recent issue to FAQ #15811 (@​krassowski)

Other merged PRs

• Removed broken gif links in README.md files #16151 (@​Tanmay-Deshmukh)

Contributors to this release

(GitHub contributors page for this release)

@​afshin | @​ajbozarth | @​AllanChain | @​andrii-i | @​bollwyvl | @​brichet | @​davidbrochart | @​diyoyo | @​echarles | @​ellisonbg | @​ericsnekbytes | @​fcollonval | @​FoSuCloud | @​g547315 | @​gabalafou | @​github-actions | @​guyq1997 | @​HaudinFlorence | @​j264415 | @​JasonWeill | @​joaopalmeiro | @​jtpio | @​jupyterlab-dev-mode | @​jupyterlab-probot | @​kiliansinger | @​kolibril13 | @​krassowski | @​linlol | @​lumberbot-app | @​mahendrapaipuri | @​meeseeksmachine | @​Mehak261124 | @​None | @​Rob-P-Smith | @​RRosio | @​srdas | @​tonyfast | @​trungleduc | @​welcome | @​williamstein | @​xc2 | @​Zsailer

v3.6.7

3.6.7

(Full Changelog)

Security fixes

• Potential authentication and CSRF tokens leak in JupyterLab (GHSA-44cc-43rp-5947)

Bugs fixed

• [3.6.x] Fix M1 install, declare node-gyp@^9.0.0 #15395 (@​dlqqq)
• Backport PR #14534 and PR #15237 on branch 3.6.x (Hide completer when changing notebook tabs) #15244 (@​meeseeksmachine)

Maintenance and upkeep improvements

• Pin actions/labeler to v4 to fix failing CI action #15496 (@​krassowski)
• Fix URLs in debugger-extension #15462 (@​fcollonval)
• Fix docs deployment failing on 3.6 branch #15424 (@​krassowski)

... (truncated)

Changelog

Sourced from jupyterlab's changelog.

(changelog)=

JupyterLab Changelog

v4.3 (beta)

JupyterLab 4.3 includes a number of new features (described below), bug fixes, and enhancements. This release is compatible with extensions supporting JupyterLab 4.0. Extension authors are recommended to consult the Extension Migration Guide which lists deprecations and changes to the public API.

Minimap

The virtual scrollbar now acts as a minimap and exposes information on whether a cell:

• is running/scheduled ([*]), idle ([ ]) or was already run (e.g. [1])
• was modified since it was last executed ("dirty") - orange background
• has an output that contains an error - red background
• is markdown/code ([ ]/[*]/[1] for code, nothing for markdown)
• how much text/code it contains

To enable the minimap, click on the hamburger icon (≡) which appears in the notebook's toolbar. If you do not see the hamburger icon, go to Settings → Notebook → Windowing mode and choose "full".

Fullscreen mode

JupyterLab now offers two ways to toggle the full screen mode from within the application:

• using the View → Appearance → Fullscreen Mode menu entry
• using a customizable shortcut, by default F11 (custom shortcuts are supported in Chrome, Safari and Edge)

File browser enhancements

The file browser now:

• supports resizing the columns and remembers the column sizes after reloading JupyterLab
• supports uploading folders by drag-and-drop
• supports navigation with a single click (opt-in)
• has the file filter collapsed by default (funnel icon), increasing the space available

Server-side execution and collaboration

JupyterLab 4.2 added the option for extensions to implement server-side execution, which preserves outputs created when the browser window is closed or disconnected. The server-side execution builds on the same shared models API as the real-time collaboration (RTC).

This release includes additional work, improving both the server-side execution and real-time collaboration (RTC) use cases:

... (truncated)

Commits

• decbea1 [ci skip] New version
• 06ad9de Merge commit from fork
• 2ce23ac Backport PR #16245: Install Firefox from brew on Mac on CI (#16249)
• 51da49c Backport PR #16151: Removed broken gif links in README.md files (#16504)
• a6ee24f Backport PR #16459: Ignore empty stdout data when logging in verdaccio (#16463)
• 7b80cf9 Backport PR #16314: Run Python tests on MacOS with Python 12, replace `canvas...
• d3897d2 Backport PR #15842: Fix workspaces loading (#15847)
• 17a2c05 Backport PR #15811 on branch 3.6.x (Remove SO links, add more recent issue to...
• ccc9082 Automated Changelog Entry - Remove 1 placeholder entries. (#15668)
• c71ad3c [ci skip] Publish 3.6.7
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[priscavdsluis]

@dependabot recreate

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud