fix: resolve msgpack and jupyterlab security advisories#16
Merged
Conversation
msgpack 1.2.0 to 1.2.1 resolves GHSA-6v7p-g79w-8964 (high: out-of-bounds read / crash on Unpacker reuse after a caught error); msgpack ships in the runtime container via the brokers extra. jupyterlab 4.5.8 to 4.6.1 resolves GHSA-vmhf-c436-hxj4 (medium: stored XSS in the extension manager) and pulls its dev-stack companions notebook 7.6.0 and jupyter-builder 1.0.2; these are development tooling only and are not packaged or shipped. Lock-level update only (neither package is a direct dependency); requirements exports regenerated with the pinned Poetry toolchain. Paper and expansion artifacts are regenerated in the follow-up commits because poetry.lock is a release-critical fingerprinted input.
The dual-release flow documented in CLAUDE.md (commit source once, run the expansion wrapper, then the paper wrapper, then commit generated artifacts) was unsatisfiable for changed release-critical source: the paper wrapper required a fully clean tracked tree AND an expansion manifest recording the current HEAD as its source commit. A committed manifest cannot record the commit that contains it, and running the expansion wrapper first leaves its regenerated artifacts uncommitted, which the full-tree check rejected. Both wrappers now scope their cleanliness checks to the release-critical source paths they already fingerprint. Generation happens in a detached worktree at the source commit, so artifact dirt in the working tree cannot corrupt a release; uncommitted generator, schema, lock, or TeX changes are still refused. This also makes each wrapper rerunnable after a failed partner run without reverting regenerated artifacts.
Both releases regenerated from clean source commit dddead6 via the release wrappers (expansion first, then paper), with fixed UTC timestamps. Every economic CSV, figure, and target-tape hash is byte-identical to the prior release; the only content change in either PDF is the source-tree digest hex string in the reproducibility appendix (verified by pdftotext diff: one line per document). Manifests record the new source commit, clean worktree at start, and updated dependency-lock digest.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Verification
Merge notes
Merge by command-line fast-forward push only (git push origin fix/security-lock-refresh:main), as with the prior release PRs. Do NOT use squash or the GitHub rebase button: both rewrite commit SHAs, which would orphan the recorded source commit dddead6 that the manifests must keep as an ancestor. Do not move research-audit-v1.