github marimo-team/marimo 0.17.1
on GitHub

latest release: 0.17.2
2 days ago

What's Changed

Important: Embedded JavaScript in markdown will now be stripped - this is a feature, not a bug! Users who need to render custom HTML/JS should use mo.Html() or mo.iframe() instead of mo.md().

Break: markdown output (mo.md) is always sanitized by default. This is so application builders don't need to worry about sanitizing their own input when interpolating in markdown and inputs, e.g. mo.md(f"Hello {user_input.value}")
own.

Break: All outputs are sanitized before any cell is run. This is to prevent accidental running of JavaScript when opening a notebook.

Experimental Agent Mode - New experimental agent mode in the AI chat sidebar with tools to edit cells, run cells, and read their outputs.

✨ Enhancements

  • Add google-genai dependency to recommended, tweak marimo env optional deps (#6826)
  • Add GetCellOutputs tool and get_llm_context for all UIElement classes (#6889)
  • Handle SSL configuration for other openai compat config. (#6907)
  • Implement ReconnectingWebSocketTransport for improved WebSocket handling (#6909)
  • Better tracebacks, padding, remove button for static files (#6912)
  • Print matplotlib Figures/Axes in rich table output (#6904)
  • add duplicate selection shortcut to hotkeys as part of editing command (#6843)
  • Avoid full width for column faceted charts (#6887)
  • add sample query, better tool descriptions to improve agentic mode (#6880)
  • add data config in the UI (#6878)
  • Fallback to available storage when localStorage is not available (#6879)
  • add run stale cells tool, refactor out notebook actions (#6842)
  • Auto_instantiate=false by default (#6849)
  • Package installation autorun (#6856)
  • Add LintNotebook tool to backend and mcp server (#6853)
  • increase timeout to 120s for reasoning models (#6839)
  • allow run-all for completions bar (#6840)
  • Show better diff for ACP (#6828)
  • Hack needed to support the NVIDIA DGX Spark (#6822)
  • Set cursor-pointer for button (#6775)
  • Portals in vscode (#6803)

🐛 Bug fixes

  • Add setup cell that has been deleted (#6916)
  • fix wrapping on long text in tables (#6917)
  • support column edits based on index, instead of id (#6891)
  • Disable lsp by default (#6908)
  • Dont mutate pandas when fixing column types (#6906)
  • Copy code block inside accordion (#6905)
  • Respect sandbox confirmation (#6885)
  • Merge streamed agent message chunks to prevent fragmentation (#6835)
  • Fix typo introduced during refactoring (#6876)
  • fix column names that are not stringed in tables (#6873)
  • add catches for get_schemas (#6874)
  • Sanitize markdown text (#6848)
  • fix delay mount css (#6864)
  • Failing cache test on python 3.10 (#6863)
  • Better cli error when missing mcp dep (#6859)
  • Cell style not applied correctly (#6824)
  • Mark commentLines as readonly in SQLMetadata (#6846)
  • Allow cache blocks to be invoked in script mode (#6819)
  • Hide invalid options on setup cell context menu (#6821)
  • use spinning indicator and check instead for autofix (#6830)
  • Update markdown output to include 'contents' class (#6804)
  • Table charts should update when underlying data updates (#6809)

📚 Documentation

  • Security documentation updates (#6881)
  • Fallbacks and warnings for missing features from sandboxed iframes + docs (#6883)
  • More prescriptive remote connection docs (#6871)
  • Update command to launch ACP in windows (#6862)
  • Fix link to uv guide (#6816)
  • Make getting started installation uv section less confusing (… (#6813)
  • Dataframe docs (#6812)
  • Improve copilot docs (#6811)
  • Update gh actions uv setup to v7 (#6799)

🔬 Preview features

  • edit notebook tool (#6786)

📝 Other changes

  • Update dependency tailwindcss to ^4.1.15 (#6902)
  • Update dependency vite to ^7.1.19 (#6900)
  • Update dependency vite to ^7.1.18 (#6897)
  • Update build tools (#6890)
  • Upgrade form-data to secure version (#6888)
  • Bump postcss from 7.0.39 to 8.5.6 (#6884)
  • Merge commit from fork (b2f7e9b)
  • Update testing dependencies (#6855)
  • [pre-commit.ci] pre-commit autoupdate (#6850)
  • Merge commit from fork (a107e81)
  • Ci breakage in python 3.13.8 (#6831)
  • Support git dependencies in sandboxed script metadata (#5545) (#6827) (74b3602)
  • Update use-acp to version 0.2.4 and better ACP loading state UI (#6815)
  • Migrate out smart cell logic to its own package (#6808)
  • Duckdb interrupt (#6806)
  • Filter sql defs from generated return (#6805)
  • Allow ASYNC240 (#6703) (4ea8cf3)
  • Add tool guidelines to all backend/mcp tools (#6801)

Contributors

Thanks to all our community and contributors who made this release possible: @akshayka, @arjunguha, @bjoaquinc, @dmadisetti, @koaning, @Light2Dark, @manzt, @minsun-ss, @mscolnick, @olad5, @prosoitos, @sebkur, @sshtomar

And especially to our new contributors:

Full Changelog: 0.17.0...TODO_CURRENT_VERSION

Check out latest releases or
releases around marimo-team/marimo 0.17.1

Don't miss a new marimo release

NewReleases is sending notifications on new releases.

Get notifications