Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Applied fix for secure writes in non-enlgish windows that was added to jupyer_client #88

Merged
merged 1 commit into from
Sep 18, 2019
Merged

Applied fix for secure writes in non-enlgish windows that was added to jupyer_client #88

merged 1 commit into from
Sep 18, 2019

Conversation

MSeal
Copy link
Contributor

@MSeal MSeal commented Sep 17, 2019

See jupyter/jupyter_client#478 for details, but this should be included in the next release.

@MSeal
Copy link
Contributor Author

MSeal commented Sep 17, 2019

@rgbkrk @rolweber FYI

@kevin-bates
Copy link
Member

Thanks for dealing with this @MSeal!

Is there any reason we can't switch to using the functions from jupyter_client (5.3.3)? Ideally, as the #TODO points out, we want these in jupyter_core but that's probably a different move.

((Note: If/when we switch to using the jupyter_kernel_mgmt stuff jupyter_client goes away but we'll need to update the spec kernel provider here.))

@MSeal
Copy link
Contributor Author

MSeal commented Sep 17, 2019

@kevin-bates You likely want to either copy the functions -- or help get someone to merge jupyter/jupyter_core#163 so it's available from core :)

There was a security advisory that some internal secret files weren't guaranteed to be saved to permission secured files. In most cases the default behavior is fine but in some setups it exposes files to be read / written by adjacent (or anonymous) users.

@MSeal
Copy link
Contributor Author

MSeal commented Sep 17, 2019

In the meanwhile loading it from jupyter_client is probably fine if you already have the dependency added anyway.

@kevin-bates
Copy link
Member

@MSeal - dang, I didn't realize I hadn't been watching core - thank you!

@Zsailer
Copy link
Member

Zsailer commented Sep 18, 2019

Thanks, @MSeal! LGTM.

rolweber
rolweber approved these changes Sep 18, 2019
View reviewed changes
Copy link
Contributor

@rolweber rolweber left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@rolweber
Copy link
Contributor

I'll merge this as-is. If we switch to using the function from jupyter_client, that should be done with a separate PR.

@rolweber rolweber merged commit cf738b0 into jupyter-server:master Sep 18, 2019
@rolweber rolweber mentioned this pull request Sep 18, 2019
Closed
@rgbkrk
Copy link
Contributor

rgbkrk commented Sep 18, 2019

Thank you all!

Zsailer added a commit to Zsailer/jupyter_server that referenced this pull request Nov 18, 2022
@Zsailer
use entrypoints for mode configuration (jupyter-server#88)
4ff6702 
* use entrypoints for mode configuration

* update version

Co-authored-by: Steven Silvester <ssilvester@apple.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rolweber rolweber rolweber approved these changes

@Zsailer Zsailer Zsailer approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@MSeal @kevin-bates @Zsailer @rolweber @rgbkrk