npmpackage.info

Gathering detailed insights and metrics for @jupyterlab/services

@jupyterlab/services

JupyterLab computational environment.

7.3.1

14,227

NOASSERTION

TypeScript

17,788,990 5.6

Installations

npm install @jupyterlab/services

Pull Requests

Open

92

Total

8,350

Closed

826

Merged

7,432

Issues

Open

2,445

Total

8,572

Closed

6,127

Releases

218

v4.4.0a0

Published on 19 Nov 2024

v4.3.1

Published on 16 Nov 2024

v4.2.6

Published on 15 Nov 2024

v4.3.0

Published on 30 Oct 2024

v4.3.0rc1

Published on 24 Oct 2024

v4.3.0rc0

Published on 14 Oct 2024

View all 218 releases

Developer

jupyterlab

Developer Guide

BETA

Module System

CommonJS, UMD

Min. Node Version

Typescript Support

No

Node Version

20.18.0

NPM Version

10.8.2 Statistics

14,227 Stars

26,214 Commits

3,410 Forks

306 Watching

22 Branches

565 Contributors

Updated on 28 Nov 2024

Languages

TypeScript (86.51%)

Python (5%)

CSS (4.6%)

JavaScript (2.1%)

Jupyter Notebook (1.2%)

Shell (0.3%)

HTML (0.21%)

PowerShell (0.03%)

Dockerfile (0.03%)

Makefile (0.02%)

Total Downloads

Cumulative downloads

Total Downloads

17,788,990

Last day

-1.2%

10,052

Compared to previous day

Last week

-2%

62,559

Compared to previous week

Last month

-13%

301,731

Compared to previous month

Last year

81.7%

4,911,458

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

ws @jupyter/ydoc @lumino/polling @lumino/coreutils @lumino/signaling @lumino/disposable @lumino/properties @jupyterlab/statedb @jupyterlab/nbformat @jupyterlab/coreutils @jupyterlab/settingregistry

Dev Dependencies

jest rimraf webpack @types/ws typescript @types/jest webpack-cli @jupyterlab/testing

Versions

JupyterLab

An extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture.

JupyterLab is the next-generation user interface for Project Jupyter offering all the familiar building blocks of the classic Jupyter Notebook (notebook, terminal, text editor, file browser, rich outputs, etc.) in a flexible and powerful user interface.

JupyterLab can be extended using npm packages that use our public APIs. The prebuilt extensions can be distributed via PyPI, conda, and other package managers. The source extensions can be installed directly from npm (search for jupyterlab-extension) but require an additional build step. You can also find JupyterLab extensions exploring GitHub topic jupyterlab-extension. To learn more about extensions, see the user documentation.

Read the current JupyterLab documentation on ReadTheDocs.

[!IMPORTANT] JupyterLab 3 reached its end of maintenance date on May 15, 2024. Fixes for critical issues will still be backported until December 31, 2024. If you are still running JupyterLab 3, we strongly encourage you to upgrade to JupyterLab 4 as soon as possible. For more information, see JupyterLab 3 end of maintenance on the Jupyter Blog.

Getting started

Installation

If you use conda, mamba, or pip, you can install JupyterLab with one of the following commands.

If you use conda:

1conda install -c conda-forge jupyterlab

If you use mamba:

1mamba install -c conda-forge jupyterlab

If you use pip:
```
1pip install jupyterlab
```
If installing using pip install --user, you must add the user-level bin directory to your PATH environment variable in order to launch jupyter lab. If you are using a Unix derivative (e.g., FreeBSD, GNU/Linux, macOS), you can do this by running export PATH="$HOME/.local/bin:$PATH".

For more detailed instructions, consult the installation guide. Project installation instructions from the git sources are available in the contributor documentation.

Installing with Previous Versions of Jupyter Notebook

When using a version of Jupyter Notebook earlier than 5.3, the following command must be run after installing JupyterLab to enable the JupyterLab server extension:

1jupyter serverextension enable --py jupyterlab --sys-prefix

Running

Start up JupyterLab using:

1jupyter lab

JupyterLab will open automatically in the browser. See the documentation for additional details.

If you encounter an error like "Command 'jupyter' not found", please make sure PATH environment variable is set correctly. Alternatively, you can start up JupyterLab using ~/.local/bin/jupyter lab without changing the PATH environment variable.

Prerequisites and Supported Browsers

The latest versions of the following browsers are currently known to work:

Firefox
Chrome
Safari

See our documentation for additional details.

Getting help

We encourage you to ask questions on the Discourse forum. A question answered there can become a useful resource for others.

Bug report

To report a bug please read the guidelines and then open a Github issue. To keep resolved issues self-contained, the lock bot will lock closed issues as resolved after a period of inactivity. If a related discussion is still needed after an issue is locked, please open a new issue and reference the old issue.

Feature request

We also welcome suggestions for new features as they help make the project more useful for everyone. To request a feature please use the feature request template.

Development

Extending JupyterLab

To start developing an extension for JupyterLab, see the developer documentation and the API docs.

Contributing

To contribute code or documentation to JupyterLab itself, please read the contributor documentation.

JupyterLab follows the Jupyter Community Guides.

License

JupyterLab uses a shared copyright model that enables all contributors to maintain the copyright on their contributions. All code is licensed under the terms of the revised BSD license.

Team

JupyterLab is part of Project Jupyter and is developed by an open community. The maintenance team is assisted by a much larger group of contributors to JupyterLab and Project Jupyter as a whole.

JupyterLab's current maintainers are listed in alphabetical order, with affiliation, and main areas of contribution:

Mehmet Bektas, Netflix (general development, extensions).
Alex Bozarth, IBM (general development, extensions).
Eric Charles, Datalayer, (general development, extensions).
Frédéric Collonval, WebScIT (general development, extensions).
Martha Cryan, Mito (general development, extensions).
Afshin Darian, QuantStack (co-creator, application/high-level architecture, prolific contributions throughout the code base).
Vidar T. Fauske, JPMorgan Chase (general development, extensions).
Brian Granger, AWS (co-creator, strategy, vision, management, UI/UX design, architecture).
Jason Grout, Databricks (co-creator, vision, general development).
Michał Krassowski, Quansight (general development, extensions).
Max Klein, JPMorgan Chase (UI Package, build system, general development, extensions).
Gonzalo Peña-Castellanos, QuanSight (general development, i18n, extensions).
Fernando Perez, UC Berkeley (co-creator, vision).
Isabela Presedo-Floyd, QuanSight Labs (design/UX).
Steven Silvester, MongoDB (co-creator, release management, packaging, prolific contributions throughout the code base).
Jeremy Tuloup, QuantStack (general development, extensions).

Maintainer emeritus:

Chris Colbert, Project Jupyter (co-creator, application/low-level architecture, technical leadership, vision, PhosphorJS)
Jessica Forde, Project Jupyter (demo, documentation)
Tim George, Cal Poly (UI/UX design, strategy, management, user needs analysis).
Cameron Oelsen, Cal Poly (UI/UX design).
Ian Rose, Quansight/City of LA (general core development, extensions).
Andrew Schlaepfer, Bloomberg (general development, extensions).
Saul Shanabrook, Quansight (general development, extensions)

This list is provided to give the reader context on who we are and how our team functions. To be listed, please submit a pull request with your information.

Weekly Dev Meeting

We have videoconference meetings every week where we discuss what we have been working on and get feedback from one another.

Anyone is welcome to attend, if they would like to discuss a topic or just listen in.

When: Wednesdays 9:00 AM Pacific Time (USA)
Where: jovyan Zoom
What: Meeting notes

Notes are archived on GitHub Jupyter Frontends team compass.

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Security-Policy

Determines if the project has published a security policy.

10

SAST

Determines if the project uses static code analysis.

9

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

9

License

Determines if the project has defined a license.

2

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Fuzzing

Determines if the project uses fuzzing.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/answered.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/answered.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto_author_assign.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/auto_author_assign.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark-report.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/benchmark-report.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark-report.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/benchmark-report.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/benchmark.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/benchmark.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/benchmark.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark.yml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/benchmark.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark.yml:207: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/benchmark.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark.yml:210: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/benchmark.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark.yml:227: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/benchmark.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-i18n.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/check-i18n.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/check-i18n.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/check-i18n.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/check-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/check-release.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/check-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/check-release.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/check-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-release.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/check-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-test.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/docker-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/enforce-label.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/enforce-label.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/galata-update.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata-update.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/galata-update.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata-update.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/galata-update.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata-update.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/galata-update.yml:133: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata-update.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/galata-update.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata-update.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/galata-update.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata-update.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/galata-update.yml:207: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata-update.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/galata.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/galata.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/galata.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/galata.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/galata.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/galata.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/galata.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/galata.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/galata.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/galata.yml:175: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/galata.yml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/galata.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/labeler.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/labeler.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/license-header.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/license-header.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linuxjs-tests.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxjs-tests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/linuxjs-tests.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxjs-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linuxtests.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/linuxtests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/lock.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/macostests.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/macostests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/macostests.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/macostests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/prep-release.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/prep-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/prep-release.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/prep-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-changelog.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/publish-changelog.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-changelog.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/publish-changelog.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-changelog.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/publish-changelog.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/publish-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/publish-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-release.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/publish-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-release.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/publish-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/reject-staging-changes.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/reject-staging-changes.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/reject-staging-changes.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/reject-staging-changes.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/windowstests.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/windowstests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/windowstests.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyterlab/jupyterlab/windowstests.yml/main?enable=pin
Warn: containerImage not pinned by hash: docker/Dockerfile:4
Warn: containerImage not pinned by hash: docker/Dockerfile:50
Warn: pipCommand not pinned by hash: binder/postBuild:23
Warn: pipCommand not pinned by hash: scripts/ci_install.sh:30
Warn: pipCommand not pinned by hash: scripts/ci_install.sh:33
Warn: pipCommand not pinned by hash: scripts/ci_install.sh:33
Warn: pipCommand not pinned by hash: scripts/ci_install.sh:39
Warn: pipCommand not pinned by hash: scripts/ci_script.sh:50
Warn: pipCommand not pinned by hash: scripts/ci_script.sh:105
Warn: pipCommand not pinned by hash: scripts/ci_script.sh:233
Warn: pipCommand not pinned by hash: scripts/ci_script.sh:235
Warn: pipCommand not pinned by hash: scripts/ci_script.sh:237
Warn: pipCommand not pinned by hash: scripts/ci_script.sh:282
Warn: pipCommand not pinned by hash: scripts/ci_script.sh:397
Warn: pipCommand not pinned by hash: scripts/ci_script.sh:421
Warn: pipCommand not pinned by hash: scripts/ci_script.sh:445
Warn: pipCommand not pinned by hash: scripts/ci_script.sh:456
Warn: pipCommand not pinned by hash: scripts/ci_script.sh:457
Warn: pipCommand not pinned by hash: scripts/ci_script.sh:471
Warn: pipCommand not pinned by hash: scripts/release_prep.sh:25
Warn: pipCommand not pinned by hash: scripts/release_test.sh:21
Warn: pipCommand not pinned by hash: scripts/release_test.sh:45
Warn: pipCommand not pinned by hash: .github/workflows/check-i18n.yml:18
Warn: pipCommand not pinned by hash: .github/workflows/galata-update.yml:201
Warn: pipCommand not pinned by hash: .github/workflows/galata.yml:137
Warn: pipCommand not pinned by hash: .github/workflows/linuxtests.yml:112
Warn: pipCommand not pinned by hash: .github/workflows/linuxtests.yml:136
Warn: pipCommand not pinned by hash: .github/workflows/linuxtests.yml:137
Info: 0 out of 41 GitHub-owned GitHubAction dependencies pinned
Info: 1 out of 35 third-party GitHubAction dependencies pinned
Info: 0 out of 26 pipCommand dependencies pinned
Info: 0 out of 2 containerImage dependencies pinned

0

Signed-Releases

Determines if the project cryptographically signs release artifacts.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

5.6

/10

Last Scanned on 2024-11-25

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More