Notebook

4.2.3 is a small bugfix release on 4.2.

> Highlights:

- Fix regression in 4.2.2 that delayed loading custom.js until after
`notebook_loaded` and `app_initialized` events have fired.
- Fix some outdated docs and links.

4.2.2 is a small bugfix release on 4.2, with an important security fix.
All users are strongly encouraged to upgrade to 4.2.2.

> Highlights:

- **Security fix**: CVE-2016-6524, where untrusted latex output could
be added to the page in a way that could execute javascript.
- Fix missing POST in OPTIONS responses.
- Fix for downloading non-ascii filenames.
- Avoid clobbering ssl_options, so that users can specify more
detailed SSL configuration.
- Fix inverted load order in nbconfig, so user config has highest
priority.
- Improved error messages here and there.

- Compatibility fixes for some versions of ipywidgets
- Fix for ignored CSS on Windows
- Fix specifying destination when installing nbextensions

Release 4.2 adds a new API for enabling and installing extensions.
Extensions can now be enabled at the system-level, rather than just
per-user. An API is defined for installing directly from a Python
package, as well.

Highlighted changes:

- Upgrade MathJax to 2.6 to fix vertical-bar appearing on some
equations.
- Restore ability for notebook directory to be root (4.1 regression)
- Large outputs are now throttled, reducing the ability of output
floods to kill the browser.
- Fix the notebook ignoring cell executions while a kernel is starting
by queueing the messages.
- Fix handling of url prefixes (e.g. JupyterHub) in terminal and edit
pages.
- Support nested SVGs in output.

And various other fixes and improvements.

Bug fixes:

- Properly reap zombie subprocesses
- Fix cross-origin problems
- Fix double-escaping of the base URL prefix
- Handle invalid unicode filenames more gracefully
- Fix ANSI color-processing
- Send keepalive messages for web terminals
- Fix bugs in the notebook tour

UI changes:

- Moved the cell toolbar selector into the _View_ menu. Added a button
that triggers a "hint" animation to the main toolbar so users can
find the new location. (Click here to see a
[screencast](https://cloud.githubusercontent.com/assets/335567/10711889/59665a5a-7a3e-11e5-970f-86b89592880c.gif)
)

- Added _Restart & Run All_ to the _Kernel_ menu. Users can also bind
it to a keyboard shortcut on action
`restart-kernel-and-run-all-cells`.

- Added multiple-cell selection. Users press `Shift-Up/Down` or
`Shift-K/J` to extend selection in command mode. Various actions
such as cut/copy/paste, execute, and cell type conversions apply to
all selected cells.

- Added a command palette for executing Jupyter actions by name. Users
press `Cmd/Ctrl-Shift-P` or click the new command palette icon on
the toolbar.

- Added a _Find and Replace_ dialog to the _Edit_ menu. Users can also
press `F` in command mode to show the dialog.

Other improvements:

- Custom KernelManager methods can be Tornado coroutines, allowing
async operations.
- Make clearing output optional when rewriting input with
`set_next_input(replace=True)`.
- Added support for TLS client authentication via
`--NotebookApp.client-ca`.
- Added tags to `jupyter/notebook` releases on DockerHub. `latest`
continues to track the master branch.

See the 4.1 milestone on GitHub for a complete list of
[issues](https://github.com/jupyter/notebook/issues?page=3&q=milestone%3A4.1+is%3Aclosed+is%3Aissue&utf8=%E2%9C%93)
and [pull
requests](https://github.com/jupyter/notebook/pulls?q=milestone%3A4.1+is%3Aclosed+is%3Apr)
handled.

4.0.x