New features:
- Update to CodeMirror to 5.37, which includes f-string sytax for
Python 3.6 (#3816) - Update jquery-ui to 1.12 (#3836)
- Check Host header to more securely protect localhost deployments
from DNS rebinding. This is a pre-emptive measure, not fixing a
known vulnerability (#3766). Use.NotebookApp.allow_remote_access
and.NotebookApp.local_hostnamesto configure access. - Allow access-control-allow-headers to be overridden (#3886)
- Allow configuring max_body_size and max_buffer_size (#3829)
- Allow configuring get_secure_cookie keyword-args (#3778)
- Respect nbconvert entrypoints as sources for exporters (#3879)
- Include translation sources in source distributions (#3925, #3931)
- Various improvements to documentation (#3799, #3800, #3806,
#3883, #3908)
Fixing problems:
- Fix breadcrumb link when running with a base url (#3905)
- Fix possible type error when closing activity stream (#3907)
- Disable metadata editing for non-editable cells (#3744)
- Fix some styling and alignment of prompts caused by regressions in
5.6.0. - Enter causing page reload in shortcuts editor (#3871)
- Fix uploading to the same file twice (#3712)
See the 5.7 milestone on GitHub for a complete list of pull
requests involved in this release.