►
From YouTube: JupyterLab Team Meeting - May 25, 2022
Description
A meeting to share and discuss features, ideas, issues, and pull requests in JupyterLab and other Jupyter frontends. This meeting is open to anyone and everyone.
Join future calls via the Jupyter community calendar: https://docs.jupyter.org/en/latest/community/content-community.html#jupyter-community-meetings
Notes for upcoming meetings can be found on the agenda: https://hackmd.io/Y7fBMQPSQ1C08SDGI-fwtg
Past notes can be found on the JupyterLab team compass: https://github.com/jupyterlab/team-compass/issues?q=is%3Aissue+label%3A%22Dev+Meeting+Minutes%22
B
Can
hold
your
nerve
couldn't
hold
your
nerve?
Could
you
all
right
welcome
everyone
to
the
may
25th
weekly
jupiter
lab
call.
Today
we
have
23
people
on.
Please
find
the
link
to
the
agenda
in
the
chat
and,
if
you
are
inclined,
please
add
your
name
to
the
list
of
attendees
beneath
that
table.
There
is
an
agenda
if
there's
something
you'd
like
to
talk
about.
Please
add
a
bullet
point.
B
C
Jason
w
here
has
also
been
doing
work
to
update
the
commenting
extension
and
the
common
problem
that
both
of
these
extensions
have
is
that
they
need
to
store
additional
state
outside
of
the
document
for
some
document
types
like
notebooks,
we
could
store
it
in
metadata,
but
for
other
file
types
like
source
code
files,
markdown
files,
even
csv
files.
That
option
is
not
available.
C
Other
options
like
extended
file
system
attributes
are
not
always
available
online
for
all
file
systems
used
for
jupiter,
and
so
I
have
a
proposal
here
paste
a
link
into
the
chat.
The
link
is
also
in
the
agenda
to
create
a
lightweight
document
id
service
for
jupiter
server,
lab
notebook,
and
the
idea
here
is
that
this
would
get
provide
an
api
where
a
fronted
extension
could
pass
a
path
to
the
document
it
currently
has
and
get
a
unique
id
for
the
document
for
renames
and
moves
that
occur
within
jupiter
lab.
C
We,
the
the
service,
would
update
its
mapping
between
path
and
id.
C
The
other
nice
thing
is
that
we
can
have
multiple
implementations
of
this,
so,
for
example,
if
the
user's
running
on
a
system
that
has
extended
file
system
attributes,
we
could
just
use
that
for
the
the
persistent
store
which
gets
rid
of
all
the
problematic
edge
cases
worst
case
scenario
in
in
on
systems
that
don't
support
that
we
could
build
all
the
needed
heuristics
into
the
service.
The
benefit
there
is
that
each
individual
extension
that
needs
this
type
of
functionality
wouldn't
have
to
duplicate
that
logic.
C
C
So
that's
the
idea
with
love
feedback
on
it,
either
now
or
in
the
issue
to
see.
If
we
can
move
forward
with
this
type
of
design.
C
B
Historical
question
for
you,
brian,
in
the
design
phases
of
different
jupiter
front
ends,
did
the
concept
of
being
more
like
a
traditional
web
application
where
all
your
stuff
is
actually
just
resident
in
a
database
or
even
like
a
mobile
application,
or
something
is
that
something
that
you
considered
before
you
landed
upon
being
file
based,
or
was
it
always
like
a
given
that
you
wanted
to
be
file
based.
C
Yeah,
that's
a
great
question.
We
we
did
explore
a
bunch
of
options
in
the
summer
of
what
2006,
so
men
at
the
time
was,
I
think,
a
junior
undergrad.
I
was
at
santa
clara
university.
Where
min
was
he
did
a
summer
internship
and
basically
built
out
a
relational
database
model
for
storing
storing
notebooks
it?
C
C
I
don't
think
we
have
had
a
great
sense
of
why
the
database
wasn't
great
and
why
the
local
file
system
might
be
better.
There
was
also,
even
once
we
moved
to
files.
An
early
version
of
the
notebook
in
2011
did
use
ids
rather
than
file
paths
in
the
web
application.
I
don't
remember
all
the
details
of
how
we
implemented
that,
but,
yes,
we
we
played
with
a
lot
of
that
along
the
way.
B
But
you
landed
on
folders
anyway,
folders
and
files
and
file
system
and
yeah
yeah
not
only
makes
sense.
You
want
to
share
documents
and
stuff.
That's
super
valuable.
You
give
up
a
lot
by
not
doing
that
and
even
the
hybrid
is
like
you
download
from
the
web
app,
but
the
web
app
is
the
place
where
you
have
to
import
it
into
and
yeah
fair
enough.
B
All
right,
one
quick
announcement:
I've
linked
to
a
tweet
which
is
not
something
I
would
ordinarily
do,
but
this
is
for
a
request
for
a
call
for
proposals
for
jupiter
community
workshops.
B
The
deadline
is
coming
up
june.
6.,
it's
quick
and
basically,
you
fill
out
a
form
describing
an
event
you
want
to
put
on
and
we
might
give
you
money
for
it.
So
you
know
if
there's
something
you
want
to
host,
that's
jupiter
related
and
you
are.
You
are
the
person
who
wants
to
bring
jupiter
to
your
corner
of
the
world.
Please
do
and
if
you
use
twitter
and
feel
comfortable,
please
retweet
and
I
see
jason,
adding
a
link
to
the
blog
post.
That's
useful!
Thank
you
yeah!
B
So
that's
one
thing.
The
other
thing
is
in
the
well
actually.
D
B
B
I
finally
went
through
the
youtube
channel
grabbed
all
the
links
and
posted
all
the
ones
that
I
had
not
done
and
did
not
want
to
to
impose
upon
isabella
to
do,
because
she
graciously
did
a
whole
bunch
of
them
and
posted
them
onto
youtube
and
linked
them
here,
because
I
feel
like
in
terms
of
discoverability.
B
This
might
be
really
good
for
us.
This
is
this
issue
is
the
central
location
that
has
the
meeting
minutes
and
it's
also
the
central
location
of
the
issues
that
get
linked
to
so
it
seemed
like
a
good
place
to
after
the
youtube
videos
linked
plus,
I
got
to
use
the
cute
tv
emoji,
and
the
third
thing
is
I'm
in
the
middle
of
writing
this
issue.
So
I
couldn't
link
to
an
issue,
but
the
events.
B
B
One
part
of
it
will
be
straightforward,
is
just
adding
to
the
jupiter
lab
services
package
to
talk
to
the
back
end,
the
other
piece,
I
think
we
probably
should
have
a
top
level
concept
that
you
can
bring
into
your
extension
as
a
dependency
for
basically
a
thing
that
emits
events.
B
I
think
I
think
something
like
a
subclass
of
pull
makes
sense
here,
where
basically,
it
ticks,
as
events
come
in
and
people
can
subscribe
to
it
instead
of
tons
of
different
plugins
talking
to
the
services
directly,
but
I
haven't
thought
through
all
of
the
ramifications.
Yet
it's
just
a
thing
that
I
would
like
to
have
accessible
to
other
plugins
sooner
rather
than
later
so
soon
as
this
jupiter
server
pr
is
merged
and
released
in
alpha
it'll
be
nice.
B
If
we
have
its
counterparts
in
jupiter
lab,
if
there
are
no
questions
about
any
of
the
things
that
I
talked
about,
we
can
move
on,
but
I'll
wait.
A
second.
B
Yeah,
I'm
not
100
sure
I
thought
about
the
sum,
because
both
would
work
right
because
they're
just
gonna
be
talking
to
jupiter,
lab
services,
opening
a
websocket
and
like
emitting
signals,
and
there
could
be
a
basically
a
static
class
like
an
instance
that
you
bring
in,
but
because
we
already
have
this
pattern
of
extensions,
bringing
in
things
via
tokens
that
are
singletons.
I
think
that
is
better,
because
I
don't
I
don't
really
like
the
concept
of
a
class
that
self-instantiates
and
is
global.
B
I
think
it's
nicer
to
use
the
the
extension
dependency
management
to
to
do
that
and
that
way
it
instantiates
in
the
jupiter
lab
extension
instead
of
just
instantiating
as
a
library
and
it
lets
you
use
it
as
a
library
more
freely.
If
there's
some
other
circumstance
where
it's
applicable
to
your
project.
E
E
B
E
It's
already
the
case,
for
example,
for
the
translator,
and
that's
why
there
are
lots
of
library
out
there
for
toast
or
notification
that
are
just
a
global
that
you
can
call
or
that
if
we
react,
for
example,
also
as
a
way
of
using
provider
and
context
for
following
bringing
things
down,
but
I
mean
I
don't
have
a
strong
opinion,
then
I
fully
agree
that
we
have
nice
features
with
the
token,
and
it
was
more
to
to
get
your
opinion
on
that.
One.
B
F
Okay,
just
want
to
give
an
update
on
the
the
hatch
jupiter
builder
packaging
plug-in
that
I
mentioned
last
week,
so
I
did
move
it
to
the
jupiter
lab
org
and
it's
releasable
from
there
done
a
couple
patch
releases
since
then
started
the
conda
forge
recipe,
I'm
looking
for
one
more
maintainer.
If
anyone
wants
to
put
their
name
on
that
issue,
it's
good
to
have
at
least
two
when
you're
making
one
of
those
and
the
notebook
pr
to
use
this
back.
F
End
is
mostly
done
as
just
a
little
question
about
duplicating
data
between
the
site
packages
and
data
files,
but
otherwise
that
that
part's
pretty
pretty
well
done.
Jupiter
lab
one
is
still
in
progress,
made
a
couple
patch
releases
to
attach
stupid
builder
to
fix
a
couple
of
things
there,
but
there's
still
a
few
failing
builds.
F
So
I'm
working
through
that
and
then
as
part
of
that,
there's
a
little
checklist
of
what
what
still
needs
to
be
done,
including
making
a
migration
script
and
then
using
that
script
to
migrate,
the
extension
cookie
cutter
and
then
taking
that
thing
and
making
sure
it
works
with
the
pr's
kind
of
like
close
the
loop
there
and
make
sure
we
aren't
breaking
anything.
We
can
load
extensions
that
use
set
tools
and
ones
that
use
hatch
for
their
packaging
mechanism.
F
So
nothing
final.
Yet
still
still
on
fully
that's
it.
G
E
H
H
A
H
Okay,
no
that's
good
to
know.
Basically
I
think
I
mentioned
at
the
last
call,
but
in
case
anyone
didn't
hear
I'm
going
to
try
and
spend
a
few
or
the
next
few
months
trying
some
different
times,
because
people
requested
a
rotating
time
zones
that
were
more
inclusive
of
different.
You
know
time
zones
getting
different
people
to
present,
but
I'm
trying
to
see
when
we
have
people
who
actually
show
up,
because
I
don't
super-
want
to
run
a
call
at
like
a
you
know,
a
midnight
for
me
and
no
one
is
there.
H
So
I'm
trying
to
kind
of
do
a
scale,
but
this
one
it
sounds
like
I
did.
I
did
7
am
again
for
some
reason.
Who
knows
what
I
was
thinking
a
month
ago
anyway,
though,
everyone
is
welcome,
if
you
can
make
that
if
you
can't,
I
hope
to
see
you
all
there.
H
The
second
thing
I
wanted
to
ask
was,
I
know.
Last
week
I
said
I
would
review
the
code
mirror
6
migration,
pr
or
maybe
that
was
at
a
different
meeting
and
I
do
intend
to
I've
been
trying
to
gather
expected
behaviors.
So
I
know
what
I'm
testing
for,
because
a
lot
of
what
I've
been
looking
at
in
terms
of
accessibility
for
jupiter
lab
has
been
more
general
and
high
level
right.
H
We
have
a
lot
of
issues
where
you
can't
even
get
into
the
document
area,
and
so
I'm
trying
to
kind
of
make
sure
I
know,
what's
expected
of
an
accessible
code,
editor
the
reason
I'm
telling
you.
That
is
because
I
didn't
comment
anything
on
there
and
I
don't
want
to
hold
up
the
pr.
Do
we
have
a
specific
timeline
we're
looking
for
for
that?
I
know
we
returned
not
to
block
it
and
I
want
to
make
sure
I
meet
that
timeline.
B
B
H
H
E
E
No,
the
other
one.
First,
that's
the
one.
That's
the
one!
On
the
subject
of
the
martin's
parser.
I
very
briefly
started
also
following
a
comment
of
jason,
pointing
out
that
github
has
no
the
ability
of
rendering
mathematical
expression
in
markdown.
E
I
was
thinking
the
best
next
move
would
be
to
to
kind
of
assess
what
we
would
like
as
features
for
modern
parser
for
jupiter
lab
and
then
to
try
to
to
come
some
to
some
kind
of
candidate
features
matrix
to
to
figure
out
what
could
be
the
the
the
good
library
we
would
like
to
to
use
in
the
future.
For,
for
that,
so
feel,
free
to
to
comment
on
that
issue,
and
maybe,
if
there's
lots
of
people
interested
and
that
have
time
we
could
probably
set
up
some
separate
meeting
or
discuss
the
additional
discussion
stuff.
E
And
then,
if
not
so
I
think
I
have
said
it
a
couple
of
times
now,
so
I'm
working
on
on
a
new
way
of
doing
a
windowing
or
virtual
notebook.
So
that
means
that
you
are
only
displaying
part
of
the
cells
that
you
that
you
you
have
in
the
notebooks,
the
ones
that
are
in
the
viewport,
I'm
almost
through
it
with
the
features
so
basically
search
is
working,
debugger
is
working,
table
of
content
is
working,
the
so
most
of
the
things
are
working.
E
I
still
have
a
couple
of
cap
and
I
just
ran
the
benchmark
on
the
the
pr
and
the
results
are
really
amazing.
Like
the
the
opening
of
the
large
notebook
I
get
like
100
percent
last
time,
it's
even
funny.
It's
like
no,
the
the
large
note
notebook
test
case
in
this
pr
is
taking
less
than
the
markdown
file
to
be
opened.
B
I
Oh
sorry
didn't
find
the
mute
button
all
right
currently
on
my
phone,
don't
really
see
the
markdown
file,
so
I
didn't
know
that
I
was
next,
so
carlos
created
a
pr-
and
maybe
somebody
can
post
this
in
the
chat
as
well
that
basically
remove
that
replaces
the
shared
model
approach
that
we've
been
working
on
last
year
with
a
new
approach,
and
I
would
like
to
discuss
this-
you
know
maybe
discuss
some
of
the
advantages
and
disadvantages
of
both
approaches.
I
Just
to
give
an
overview
of,
I
think
two
better
points
on
each
approach
is
that
the
current
chat
model
approach
is,
you
know,
stable
and
that's
something
that
you
can
work
against,
and
the
other
implementation
basically
keeps
more
backwards
compatibility
while
it
removes
the
model
db,
specifically
so
yeah.
We
should
discuss
this.
I
feel
because
it's
a
big
change
and
I
would
love
to
see
a
lot
more
people
in
the
rtc
meeting,
maybe
next
week
on
monday.
B
B
J
Next
monday
is
the
holiday
in
the
us
and
there's
several
of
us
that
would
like
to
join
but
we'll
be
out
for
the
holiday.
Can
we
either
record
it
or
reschedule
it
or
or
whatever.
J
I
H
I
B
This
this,
this
is
one
of
those
like
real
problems
that
it
would
have
been
hilarious
if
a
whole
bunch
of
people
on
vacation
all
went
to
a
call
and
were
annoyed
about
it,
and
they
all
thought
they
were
doing
it
for
the
other
people
who
were
all
annoyed
for
the
same
reason.
So
I'm
glad.
B
B
Okay,
david,
you
are
up.
D
Hey
team
wait.
D
You
yep
you're,
good,
oh
okay.
Well
sometimes
the
yeah
zoom
shows
the
little
green
bar
anyways
yeah.
I'm
raising
up
an
old
issue
that
probably
got
forgotten
quite
a
while
ago,
I'm
a
new
contributor
on
the
team,
so
I
just
found
something
quick
and
easy
to
work
on
I'll
post
it
in
the
chat
for
people
on
their
phone.
D
Basically,
right
now
in
jupiter
lab
the
default
launcher
page,
the
icon,
colors
are
kind
of
messed
up
and,
in
addition
to
the
icons
themselves,
push
has
already
done
a
lot
of
work
on
this
and
I'm
sort
of
building
off
of
the
work
that
he's
already
done,
but
in
essence
the
python
icon.
Is
this
weird
like
monochrome
purple?
D
I
just
want
to
make
sure
that
there
wasn't
any
like
established
precedent
for
why
this
was
so.
My
specifically
I'm
proposing
that
we
change
the
icons
to
something
more
standard.
You
know
just
like
the
standard,
python
foundation
icon
and
same
for
markdown
as
well.
If
you
look
at
the
markdown
icon,
it's
also
currently
in
launcher
this
weird
purple
m.
With
a
down
arrow,
I
propose
that
we
use
a
more
standardized
icon
for
that,
which
is
the
markdown
mark
repository
yeah.
H
I
could
be
wrong,
but
I
want
to
say
that
they're
both
that
purple
color,
because
many
of
our
icons
are-
are
colored
using
the
rest
of
jupiter
lab
css
variables,
and
so
I
want
to
say
that
they're
colored
by
a
variable
that
probably
says
this
is
something
that's
not
a
jupiter
file.
It's
not
a
you
know
like
it's
kind
of
like
the.
This
is
maybe
the
catch-all
I'm
not
entirely
sure.
Does
that
check
out
to
other
people
who
might
know
more
than
that.
K
I
might
have
lost
the
context
real
quick.
Are
we
talking
about
how
the
icons
in
jupiter
lab
aren't
the
standard
for
like
markdown
and
python
and
such
and
yeah
yeah?
I
actually
did
a
lot
of
research
on
that
because
I
didn't
like
that
and
if
anybody's
ever
used
a
lyra,
you'll
notice,
we've
actually
overridden
a
lot
of
them
to
be
the
actual
official
versions
of
a
lot
of
those
icons.
Apparently,
in
the
very
early
years
they
had
somebody
create
unique
icons
for
the
file
browser
for
jupyter
lab.
K
K
I'm
I
very
much
dislike
it
personally.
I
think
we
should
be
using
like
official
logos
for
things
like
python
and
r
and
markdown,
but
that
is
the
mentality
and
original
thinking
behind
those.
As
far
as
my
research
went,
I
researched
that
pretty
thoroughly
last
summer.
I
think
it
was.
B
K
Yeah,
I
I
would
agree,
we
would
just
need
to
be
careful
about
making
sure
all
the
ids
and
classes
and
stuff
are
done
correctly
inside
the
svg
file.
H
Tyrion,
can
I
clarify
that
you
said
you
would
be
fine
with
the
pr
changing
the
icon,
but
are
you
also
saying
changing
the
color?
Are
you
saying
you
want
you're,
okay,
with
changing
the
shape
of
the
icon
as
long
as
it's
hooked
up
to
the
existing
way
that
we're
coloring
icons
just
for,
if
that
makes
sense.
H
Yeah
sorry,
I
said
when
you
were
like:
I
don't
see
why
that
pr
be
a
problem.
Are
you
saying
it's
a
pr
that
specifically
changes
the
file
for
like
the
shape
of
the
icon,
but
keeps
the
way
that
they
are
colored
in
jupiter
lab
or
using
a
pr
that
changes,
shape
and
color?
I
was
just
clarifying
because
they
seem
like
two
different
things
to
me.
B
K
Yeah
I
I
can
actually
speak
to
the
color
thing
when
it
comes
to
that
purple.
That's
the
default
color
of
the
icon,
so
the
default
color
can
be
anything
you
want
and
then
that
color
can
be
overridden
by
the
css.
Usually
in
this
case
the
overriding
is
changing
it
to
white
or
black
because
of
light
mode,
dark
mode
or
highlighting.
D
K
K
H
We
use
them
to
color
certain
classes,
and
so
the
icon
gets
us,
that's
my
understanding,
and
so
the
icon
gets
assigned
a
class
that
is
like.
It
was
recently
reworked
as
why.
I
don't
remember
the
exact
variable
name
anymore,
because
it
used
to
be
that
it
was
actually
colored
by
the
ui
font
color
and
now
I
think
they
have
their
own
separate
class.
J
A
K
Those
those
are
the
ones
that
we
want
to
make
sure
to
make
work
in
the
notes
in
this
it
we
it
does
talk
about
also
changing
the
python
icon.
I
actually
already
implemented
that
exact
change
for
alyra,
so
I
could
help
in
any
way
because
yeah
lyra's
already
using
a
custom,
python
icon.
That
looks
like
the
standard
one
but
works
with
all
the
jupiter
lab
coloring.
D
D
Yeah,
could
you
link
that
in
the
issue
maybe
or
send
it
to
me
in
some
other
way,
yeah.
K
Yeah
I'll
I'll,
open
up
the
issue
and
I'll
go
find
my
pr
on
alira
to
link
to
it.
After
this
meeting.
D
B
I
guess
I'm
asking
kevin,
I
don't
know
no
one
else
on
the
calls,
because
I
think
carlos
is
in
germany
and
he's
the
person
doing
a
presentation,
so
it
would
be
really
mean
if
all
of
us
were
like
come
in
on
your
vacation
and
do
a
presentation.
So
let's
find
that
out.
If
that's
the
case,
maybe
we
can
move
it
to
to
the
to
the
tuesday,
the
7th
or
something
like
that,
but.
I
I
I
mean
for
me
it
would
be
a
block
because
I'm
on
a
conference
on
tuesday
after
that,
maybe
next
week,
tuesday
would
work.
For
me
at
least.
B
I
see
okay,
let's
let's
check
with
people
and
figure
this
out
offline
and
then
we'll
update
the
calendar,
but
by
this
friday.
Whatever
is
in
the
account
on
friday,
we'll
commit
to
that
so
like.
If
you
want
to
come
to
this
call
check
on
friday
and
if
you're
interested
in
being
on
a
like
an
email
chat
or
something
put
your
name
in
the
agenda.
So
we
can
consult
you
and
try
to
pick
a
day
together.
B
B
Okay,
all
right,
so
the
first
one
is
rick
and
jason
w
talking
about
the
vulnerability
handling
process.
Take
it
away.
G
All
right,
thank
you.
I
don't
necessarily
know
that
this
falls
into
the
going
to
take
a
while,
it's
more
just
letting
folks
know,
and
if
you
want
to
read
about
it
and
contribute
so
I'll
drop
a
link
into
the
chat.
I
already
dropped
a
link
into
the
document
and
just
because
everyone
loves
reading
text,
I
will
share
my
screen.
G
So
currently,
this
is
a
draft
document
that
we
have
over
in
the
jupiter
security
repo,
describing
what
we
are
putting
forward
as
a
vulnerability
handling
process
across
the
jupiter
subprojects,
and
our
intention
is
that
this
draws
on
current
practices
that
we've
heard
from
other
folks
like
jupiter
server
and
what
we've
observed,
and
it
also
communicates
out
to
the
community
and
save
folks
at
companies
that
rely
on
jupiter
or
organizations
that
rely
on
jupiter
as
to
how
we
intend
to
handle
vulnerabilities
and,
of
course,
the
great
thing
about
having
a
process.
G
G
The
fact
that
we
use
what's
described
as
a
coordinated
disclosure
model,
which
is
like
hey,
please
tell
us
in
private
first,
let's
try
to
work
together
and
then,
when
everything's
resolved,
we
make
it
public
and
you
know,
give
credit
to
any
security
researcher
disclosure
disclosure
who
brought
it
forward.
So
this
way
you
know
it's
like
project
jupiter
can't
afford
to
give
out
lots
of
bounties,
but
we
can
at
least
give
credit
where
credit
is
due.
G
Something
that's
more
relevant
to
this
group,
where,
if
you
really
want
to
take
a
minute
to
read
it's
the
triage
remediation
process,
so
in
a
lot
of
cases,
vulnerabilities
are
straightforward
in
that
they
apply
to
a
single
component,
and
you
know
somebody
can
report
something.
We
can
open
a
private
fork.
We
can
resolve
it,
get
a
cve
and
put
it
out
there,
but
there
are
times
when
there
are
vulnerabilities
that
impact
multiple
components,
and
this
is
where
things
have
to
happen
across
forks
across
different
projects
and
stuff,
like
that.
G
G
So,
if
you
would,
please
take
a
look,
we're
going
to
be
putting
this
in
as
a
pull
request
to
the
main
website
to
get
it
out
there
and
eventually,
I
think
that
there
is
a
opportunity
within
the
community
for
folks
that
you
know
want
to
play
an
active
day-to-day
role
in
something
like
security
and
especially
the
what
we
call
here.
G
The
coordinator
role,
the
the
having
a
group
of
folks
that
monitor
the
status
of
these
reports
and
ensure
they're
being
they
go
through
the
process
where
it's
much
more
about
diligence
and
follow-through
and
less
about
necessarily
deep
technical
knowledge.
G
A
Well,
so
the
the
long-term
vision
for
this
and
and
part
of
the
motivation
for
this
is
that
we
want
to
shore
up
some
of
the
information
about
reporting
vulnerabilities
on
our
own
website.
If
you
go
to
jupiter.org
security,
sorry,
jupiter.org
security,
you
can
see
our
current
vulnerability
documentation,
which
is
pretty
much
one
paragraph
which
is
send
us
an
email.
A
If
you
want
to
use
pgp
use
pgp
for
this
email,
it
doesn't
provide
any
expectation
about
what
you
should
what
you
you
should
expect
to
see
when
you
should
get
like
a
response.
Next
steps
in
the
process,
or
anything
like
that,
and
some
of
the
folks
that
I
work
with
were
asking
for
some
more
detail.
So
I
think,
as
we
continue
to
progress
with
the
documentation,
the
the
end
result
is
likely
to
be
a
strengthening
of
the
documentation
on
the
security
part
of
our
website.
H
Her
cat
is
freaking
me
in
frame,
but
yeah.
I
didn't
want
to
interrupt
anymore,
just
wanted
to
add
it.
What
are
the
call
to
actions?
I
think
we
should
put
in
the
notes,
because
I
think,
there's
a
lot
of
work
here,
but
I
think
if
someone
isn't
here
or
like
just
with
me,
I'm
not
sure
what
options
are
available
that
y'all
are
wanting.
Are
you
just
looking
for
people
interested
in
these
roles?
Are
you
looking
for
any
kind
of
review?
I'm
not
sure.
G
How
I
think
you
just
nailed
the
two
things
that
would
be
a
great
benefit
number
one
review,
especially
by
folks
that
are
contributors
and
have
dealt
with
vulnerability,
handling
or
remediation
that
you
know
look
at
this.
Please
look
at
this
process
see
if
it
makes
sense
if
it's
clear,
because
the
idea
with
that
second
half
of
the
document-
that's
very
kind
of
step
by
step-
is
that
a
developer,
that's
relevant
and
I'll
say
developer.
G
That,
though
it's
not
necessarily
the
only
role
that
would
apply
should
be
able
to
go
to
that
and
be
able
to
say.
Oh,
these
are
the
kinds
of
things
I'm
supposed
to
do.
If
there
is
some
like
I'm
supposed
to
help
remediate
something
in
a
component
I
work
on,
and
so,
if
those
steps
aren't
clear,
if
that
recipe
isn't
going
to
lead
to
the
desired
outcome,
then
we
need
to
make
it
clearer.
The
second
one
you
mentioned
is
yes.
G
I
think
that
the
the
thing
that
we
struggle
with
on
the
security
side
is
currently
those
of
us
that
are
on
the
the
security
mailing
list,
the
the
one
that
actually
receives
the
reports
is
we
don't
have.
This
is
something
where
you
actually
should
have
somebody
who's
like
hey.
G
This
is
your
week
to
monitor
the
list
and
make
sure
that
things
get
logged
in
the
tracking
repository
and
then
it
gets
closed
out,
and
I'm
not
saying
we
can't
do
that
and
we're
probably
going
to
have
to
be
the
group
that
starts,
but
if
there
are
other
folks
or
they're
like
you
know
what
this
is
an
area
where
I
could
spend
time
and
we
could
rotate
rolls
and
know
who's
got
the
stick
or
whatever
at
the
any
given
moment
whoever's
got
the
security
stick
for
the
week
would
be
fantastic.
G
You
and
thank
you
all,
it's
great
to
see
you
again,
I
think
for
those
of
us
who
are
kind
of
more
working
and
trying
to
do
this,
we
don't
want
to
do
it
in
isolation,
because,
I'm
sure
all
you
know
within
your
organizations
when
folks
who
put
the
title
of
security
come
on
and
then
come
on
and
give
mandates
it's
like.
Where
does
this
come
from
stuff
like
that,
and
I
don't
think
that
would
work
for
this
community.
I
think
it's
much
better
to
say
hey.
This
is
what
you're
already
doing.
G
Can
we
formalize
it
and
then
improve
on
it.
B
Thank
you
so
much
rick.
I
was
wondering
if
we
could
have
some
sort
of
like
swag
bundle.
You
know
like
a
shirt
and
some
stickers
and
stuff
like
that.
So
you
don't
you?
Don't
you
don't
get
a
bounty?
We
don't
have
that,
but
you
can.
You
can
get
some
some
sort
of
nice
incentive.
Yeah.
G
I
think
that'd
be
great,
I
mean
you've
if
you've
seen
the
traffic
or
you
have
a
feel
for
the
number
of
vulnerabilities.
It's
probably
a
you
know
a
few
a
month
I
would
say,
and
that
is
not
out
of
the
range
of
you
know
t-shirts
or
stickers
or
you
know,
can
you
shout
me
out
on
twitter
even
yeah?
You
know
I
think,
being
able
to
do.
That
would
be
a
a
really
nice
gesture.
Maybe.
E
B
H
B
Okay,
why
don't
we
start
with
that
and
then
see
where
we
go.
E
Yes,
so
maybe
let
me
share
my
screen,
so
I
think
one
of
the
idea
would
be
to
as
there
is
lots
of
people
at
this
call
maybe
try
to
fulfill
a
bit
more
the
list
of
feature
we
are
expecting
from
the
martin
parser.
E
So,
just
to
bring
some
some
information.
The
three
first
are
the
one
we
we
are.
We
are
supporting
so
like
common
markdown
with
some
gita
flavor.
E
E
The
question
is:
what
do
we
want?
In
addition
to
those,
there
is
probably
some
needs
of
being
able
to
extend
the
mardon
parser,
and
there
is
also
a
question
of
myst
support,
because
it
was
one
of
the
results
of
the
jupiter
app
survey
and
I
think
there
is
already
also
an
issue,
but
it
could
also
be
an
extension,
so
I'm
just
listing
it
because
I
was
knowing
about
it.
So
I
don't
know
what
what
are
your
id's
fault.
B
E
I
I
I
did
not
made
so
much
research
for
now,
so
I
was
more
about
going
through
like
the
christmas
way
saying:
okay,
let's
put
on
all
the
ideas
that
people
have
and
then
maybe
discuss
to
figure
out.
What's
what
we
think
really
matters
like
we,
what
we
think
really
should
be
supported
by
the
core,
parser
and
then
say:
okay,
the
one
of
the
future
will
be
that
is
gonna,
be
extensible.
So
if
you
have
some
fashionable
thing,
then
you
may
be
able
to
implement
it.
E
Thanks
rick
for
the
pronunciation
so
yeah.
That
was
my
point
of
view
and
then,
when
you
get
the
list,
then
try
to
dive
in
more
in
into
potential
libraries
to
see
what's
possible
and
then
do
the
the
cycle.
Saying.
Okay
seems
that
that
feature
is
just
not
possible
like
nobody
has
implemented
it
and
it
seems
tough
or
and
then
we
decide
to
drop
it
or
everything
is
possible.
And
then
we
have
a
clear
winner
for
a
technology
to
bring
in.
E
The
attachment
is
just
the
ability
of
you
know
you
can
drag
and
drop
an
image
from
like
in
jupyter
lab.
You
can
drag
an
image
from
the
file
browser
and
then
it
will
be,
the
binary
version
will
be
included
in
the
notebook,
and
so
you
get
a
special
link.
Yeah.
J
E
J
B
B
B
No,
no,
it's
great
any
other
comments,
anymore.
E
H
I
feel
like
this
is
kind
of
informally
what
you're
getting
at
I'm
mostly
listening,
because
I'm
not
I
haven't
been
following
the
issue
and
it
may
be
a
little
beyond
my
skills
anyway,
but
is
there
like
a?
I
guess?
Is
there
any
typical
way
that
you
would
make
this
decision
like?
Do
we
have
priorities
in
mind?
I
mean,
I
think,
that's
what
federico
was
saying
like
that.
Oh
I've,
just
kind
of
given
all
the
options
here,
but
is
there
any
asking
everyone
in
this
call?
Are
there
like
priorities?
J
J
This
is
how
we
interpret
math
or
whatever
it
is
having
that
standard
first
and
then
that
guides
us
in
and
picking
a
renderer
and
and
it
helps
other
people
with
different
renderers.
J
Like
william's,
been
mentioning,
you
know,
he'd
like
to
support
jupiter
markdown,
but
he
uses
markdown
id
with
with
separate
plugins,
and
things
like
that,
like
having
some
clarity
at
the
foundation
level,
which
is
what
is
the
markdown
standard
that
we
have
to
me,
is
the
first
step,
rather
than
just
switching
to
a
new
implementation,
and
then
whatever
that
new
implementation
does
is
what
we
support.
E
No,
don't
worry
so
I
agree
totally
with
jason,
but
it's
just
I
think
so.
We
should
also
consider
the
future
to
be
able
to
say:
okay,
that's
the
syntax.
We
want
the
grammar.
We
want
to
support
because,
for
example,
if
we
want
to
support
rendering
value
of
variables
within
the
margin,
that
means
we
need
to
come
up
with
a
syntax
for
supporting
it.
So,
although
I'm
fine
with
the
answer
saying,
we
just
support
what
we
are
supporting
right
now,
we
just
need
to
formalize
it.
D
J
Align
better
with
common
mark,
for
example,
so
so
I
think
we
need
to
figure
out
where
a
line
in
the
sand
is
so
what
I
would
love
to
see.
Next
is
a
jet
proposal
that
says
this
is
our
markdown
syntax
and
you
know
be
it
whatever
and
frederick.
You
have
a
better
sense
right
than
anybody.
I
think
right
now
about
exactly
what
we
support
exactly
what
we
don't
support,
whether
the
differences
between
us
and
common
mark
or
flavor
markdown.
A
Yeah
in
in
triage
last
week
there
was
a
bug
about
an
error
in
markdown
parsing,
and
I
found
I
marked
this
duplicate
of.
I
think
issue
272
in
jupiter
lab,
which
is
about
six
years
old,
and
I
think
you
either
opened
it
or
commented
on
a
lot
jason
grout.
J
Yeah
that
particular
issue
is,
could
be
closed
as
that's
not
markdown
spec,
it's,
it
has
to
do
with
spaces
in
the
urls
and
it's
very
explicitly
not
covered,
not
a
valid
markdown
thing
and
so
like.
If
we
had
a
standard
we
could
point
back
to.
It
would
be
very
easy
to
close
that
issue,
which
I
think
we
kind
of
did
in
the
comments
of
that
issue,
where
we
said:
that's
not
common
mark
sorry.
This
is
how
you
do
spaces
and
file
names
in
common
mark.