Workflow

Jupyterlab-tour

Latest version: v4.0.1

Safety actively analyzes 701442 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

4.0.1

([Full Changelog](https://github.com/jupyterlab-contrib/jupyterlab-tour/compare/v4.0.0...3b3901ec4136e42a6d5f28e4fd0bd9f6f2fab791))

Bugs fixed

- Use existing server settings when creating the `ConfigSection` [85](https://github.com/jupyterlab-contrib/jupyterlab-tour/pull/85) ([jtpio](https://github.com/jtpio))

Maintenance and upkeep improvements

- Bump ip from 2.0.0 to 2.0.1 [84](https://github.com/jupyterlab-contrib/jupyterlab-tour/pull/84) ([dependabot](https://github.com/dependabot))
- Bump ip from 2.0.0 to 2.0.1 in /ui-tests [83](https://github.com/jupyterlab-contrib/jupyterlab-tour/pull/83) ([dependabot](https://github.com/dependabot))

Contributors to this release

([GitHub contributors page for this release](https://github.com/jupyterlab-contrib/jupyterlab-tour/graphs/contributors?from=2023-11-08&to=2024-02-29&type=c))

[dependabot](https://github.com/search?q=repo%3Ajupyterlab-contrib%2Fjupyterlab-tour+involves%3Adependabot+updated%3A2023-11-08..2024-02-29&type=Issues) | [github-actions](https://github.com/search?q=repo%3Ajupyterlab-contrib%2Fjupyterlab-tour+involves%3Agithub-actions+updated%3A2023-11-08..2024-02-29&type=Issues) | [jtpio](https://github.com/search?q=repo%3Ajupyterlab-contrib%2Fjupyterlab-tour+involves%3Ajtpio+updated%3A2023-11-08..2024-02-29&type=Issues)

<!-- <END NEW CHANGELOG ENTRY> -->

4.0.0

([Full Changelog](https://github.com/jupyterlab-contrib/jupyterlab-tour/compare/v3.1.4...fd7eecc2f6454a4ef504173ee818da4f4ee6bf69))

Enhancements made

- Enhance tour version
[81](https://github.com/jupyterlab-contrib/jupyterlab-tour/pull/81)
([fcollonval](https://github.com/fcollonval))
- Add support for notebook 7
[75](https://github.com/jupyterlab-contrib/jupyterlab-tour/pull/75)
([fcollonval](https://github.com/fcollonval))
- Add notebook tours, icons
[29](https://github.com/jupyterlab-contrib/jupyterlab-tour/pull/29)
([bollwyvl](https://github.com/bollwyvl))

Bugs fixed

- Fix internationalization
[74](https://github.com/jupyterlab-contrib/jupyterlab-tour/pull/74)
([fcollonval](https://github.com/fcollonval))

Maintenance and upkeep improvements

- Bump babel/traverse from 7.22.10 to 7.23.2
[80](https://github.com/jupyterlab-contrib/jupyterlab-tour/pull/80)
([dependabot](https://github.com/dependabot))
- Bump postcss from 8.4.27 to 8.4.31
[79](https://github.com/jupyterlab-contrib/jupyterlab-tour/pull/79)
([dependabot](https://github.com/dependabot))
- Bump postcss from 8.4.27 to 8.4.31 in /ui-tests
[78](https://github.com/jupyterlab-contrib/jupyterlab-tour/pull/78)
([dependabot](https://github.com/dependabot))
- Bump systeminformation from 5.18.10 to 5.21.8 in /ui-tests
[77](https://github.com/jupyterlab-contrib/jupyterlab-tour/pull/77)
([dependabot](https://github.com/dependabot))
- upgrade to jupyterlab4
[71](https://github.com/jupyterlab-contrib/jupyterlab-tour/pull/71)
([djangoliv](https://github.com/djangoliv))

Contributors to this release

([GitHub contributors page for this release](https://github.com/jupyterlab-contrib/jupyterlab-tour/graphs/contributors?from=2021-10-31&to=2023-11-08&type=c))

[bollwyvl](https://github.com/search?q=repo%3Ajupyterlab-contrib%2Fjupyterlab-tour+involves%3Abollwyvl+updated%3A2021-10-31..2023-11-08&type=Issues)
|
[dependabot](https://github.com/search?q=repo%3Ajupyterlab-contrib%2Fjupyterlab-tour+involves%3Adependabot+updated%3A2021-10-31..2023-11-08&type=Issues)
|
[djangoliv](https://github.com/search?q=repo%3Ajupyterlab-contrib%2Fjupyterlab-tour+involves%3Adjangoliv+updated%3A2021-10-31..2023-11-08&type=Issues)
|
[fcollonval](https://github.com/search?q=repo%3Ajupyterlab-contrib%2Fjupyterlab-tour+involves%3Afcollonval+updated%3A2021-10-31..2023-11-08&type=Issues)
|
[github-actions](https://github.com/search?q=repo%3Ajupyterlab-contrib%2Fjupyterlab-tour+involves%3Agithub-actions+updated%3A2021-10-31..2023-11-08&type=Issues)


Making a new release of jupyterlab-tour

The extension can be published to `PyPI` and `npm` manually or using the
[Jupyter Releaser](https://github.com/jupyter-server/jupyter_releaser).

Manual release

Python package

This extension can be distributed as Python packages. All of the Python packaging
instructions are in the `pyproject.toml` file to wrap your extension in a Python
package. Before generating a package, you first need to install some tools:

bash
pip install build twine hatch


Bump the version using `hatch`. By default this will create a tag. See the docs on
[hatch-nodejs-version](https://github.com/agoose77/hatch-nodejs-version#semver) for
details.

bash
hatch version <new-version>


Make sure to clean up all the development files before building the package:

bash
jlpm clean:all


You could also clean up the local git repository:

bash
git clean -dfX


To create a Python source package (`.tar.gz`) and the binary package (`.whl`) in the
`dist/` directory, do:

bash
python -m build


> `python setup.py sdist bdist_wheel` is deprecated and will not work for this package.

Then to upload the package to PyPI, do:

bash
twine upload dist/*


NPM package

To publish the frontend part of the extension as a NPM package, do:

bash
npm login
npm publish --access public


Automated releases with the Jupyter Releaser

The extension repository should already be compatible with the Jupyter Releaser.

Check out the
[workflow documentation](https://jupyter-releaser.readthedocs.io/en/latest/get_started/making_release_from_repo.html)
for more information.

Here is a summary of the steps to cut a new release:

- Add tokens to the
[Github Secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets)
in the repository:
- `ADMIN_GITHUB_TOKEN` (with "public_repo" and "repo:status" permissions); see the
[documentation](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)
- `NPM_TOKEN` (with "automation" permission); see the
[documentation](https://docs.npmjs.com/creating-and-viewing-access-tokens)
- Set up PyPI

<details><summary>Using PyPI trusted publisher (modern way)</summary>

- Set up your PyPI project by
[adding a trusted publisher](https://docs.pypi.org/trusted-publishers/adding-a-publisher/)
- The _workflow name_ is `publish-release.yml` and the _environment_ should be left
blank.
- Ensure the publish release job as `permissions`: `id-token : write` (see the
[documentation](https://docs.pypi.org/trusted-publishers/using-a-publisher/))

</details>

<details><summary>Using PyPI token (legacy way)</summary>

- If the repo generates PyPI release(s), create a scoped PyPI
[token](https://packaging.python.org/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/#saving-credentials-on-github).
We recommend using a scoped token for security reasons.

- You can store the token as `PYPI_TOKEN` in your fork's `Secrets`.

- Advanced usage: if you are releasing multiple repos, you can create a secret named
`PYPI_TOKEN_MAP` instead of `PYPI_TOKEN` that is formatted as follows:

text
owner1/repo1,token1
owner2/repo2,token2


If you have multiple Python packages in the same repository, you can point to them
as follows:

text
owner1/repo1/path/to/package1,token1
owner1/repo1/path/to/package2,token2


</details>

- Go to the Actions panel
- Run the "Step 1: Prep Release" workflow
- Check the draft changelog
- Run the "Step 2: Publish Release" workflow

Publishing to `conda-forge`

If the package is not on conda forge yet, check the documentation to learn how to add
it: https://conda-forge.org/docs/maintainer/adding_pkgs.html

Otherwise a bot should pick up the new version publish to PyPI, and open a new PR on the
feedstock repository automatically.

Links

Releases

Has known vulnerabilities

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.