
chore(deps): update dependency marimo to v0.23.9 [security] #140

Open
renovate[bot] wants to merge 1 commit into main from renovate/pypi-marimo-vulnerability

Conversation

renovate[bot] (Contributor) commented Jun 18, 2026

This PR contains the following updates:

Package   Change             Age   Confidence
marimo    0.23.8 -> 0.23.9   age   confidence

marimo contains a reflected cross-site scripting vulnerability in the notebook page

CVE-2026-54386 / GHSA-8m59-7xv8-735h


Details

marimo before 0.23.9 contains a reflected cross-site scripting vulnerability in the notebook page that allows unauthenticated attackers to inject arbitrary JavaScript by exploiting improper escaping of single quotes in the file query parameter reflected into an inline JavaScript string literal. Attackers can craft a malicious link with a payload beginning with new to bypass the 404 check and inject JavaScript into the page, which executes without Content-Security-Policy restrictions in the origin of a victim's marimo server.

Severity

  • CVSS Score: 5.1 / 10 (Medium)
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


Release Notes

marimo-team/marimo (marimo)

v0.23.9

Compare Source

What's Changed

This release makes opening a notebook in a second tab non-destructive, mo.ui.table adds new args for hidden_columns/visible_columns (mutually exclusive), and tightens sharing and error-output behavior across the board.

⭐️ Highlights
Open the same notebook in a second tab

Opening a notebook in a second browser tab no longer forcibly disconnects the first. The new tab joins as a live, read-only viewer, and you can take over editing from either side with a single click, with no destructive modal and no reload required (#9746).

Screen.Recording.2026-06-01.at.3.31.17.PM.mov

Show and hide table columns

mo.ui.table now supports column visibility. Hide and show columns from the column header menu or the Column Explorer with a click, find columns fast with smart prefix-based search, and control initial visibility from Python. A hidden-count and "Unhide all" link keep things discoverable (#9687, #9696).

Screen.Recording.2026-05-26.at.6.35.04.PM.mov

Cells with no output now show in slides

Because slides allow code edits, a slide edited to no longer produce an output used to disappear from the deck entirely. Such cells now appear in the slides minimap and viewer so you can edit them back in (they're still skipped during a presentation). Minimap thumbnails are also larger and more readable (#9771).

Screen.Recording.2026-06-03.at.2.25.46.PM.mov

✨ Enhancements
  • Add MARIMO_RESTRICT_SHARING env var machine-wide (#9756)
  • Non-destructive local takeover (read-only viewer + bidirectional takeover) (#9746)
  • Add cells with no output to the minimap & viewer (#9771)
  • Add GET /api/kernel/status endpoint (#9768)
  • Enforce sharing config as server-side security (#9578)
  • Add filter param for regex and callable filtering (#9667)
  • Slides config panel open by default (#9737)
  • Add pair with agent link (#9738)
  • Add Opus 4.8 and script to append models to the top (#9723)
  • Remove mapping for 'src' to 'auto-mix-prep' (#9725)
  • Add workflow to automate running llm-sync-models script (#9724)
  • Automation script to pull models.yml (#9635)
  • Support Dremio ADBC data source browsing (#9694)
  • Add auto_close_pairs setting (#9711)
  • WASM compatibility rule checks (#9587)
  • Fix dropped error hints and improve error output UI (#9673)
  • Column Explorer visibility controls + smart-search (#9696)
  • Sort toml entries when writing config (#9686)
  • Pretty format hidden variable behavior in stack traces (#9660)
  • Add column visibility kwargs and UI controls (#9687)
  • Unified filter pill UI with overflow strip (#9638)
  • Add padding between cell number and minimap dependency lines (#9675)
🐛 Bug fixes
  • Escape user-controlled file_key in service worker injection (#9789)
  • Fix completions in slides view (#9769)
  • Arg/kwarg collision for local numpy vars in caching (#9751)
  • Suppress marimo hover tooltip for all LSP providers, not just pylsp (#9741)
  • Fix SQL defs lookup (#9754)
  • Keep stepped range progress totals aligned (#9582)
  • Per-provider max_tokens defaults with optional override (#9703)
  • Accept ChartDataType in mo.ui.table to resolve pyright error when passing chart.value (#9674)
  • Jump to running notebook cells only (#9707)
  • Fix mo.cache raising KeyError: 'scratch' in scratchpad (#9664)
  • Fix interruption for pydantic-ai chatbot (#9620)
  • Preserve top level names for name thrashing (#9695)
  • Lazy download-size RPC + first-page extrapolation (#9691)
📚 Documentation
  • Add config to disable AI (#9739)
  • Update molab docs with new compute and sharing features (#9748)
📝 Other changes
  • Don't shadow builtin print unless mo.Thread is used (#9765, #9766)
  • Zz/zt/zb scroll for notebook viewport (#9701, #9728)
  • Add rule to prevent test files from having the same name (#9671)
Contributors

Thanks to all our community and contributors who made this release possible: @akshayka, @corleyma, @dmadisetti, @everettroeth, @foxcroftjn, @GHX5T-SOL, @kirangadhave, @kjgoodrick, @kratos0718, @Light2Dark, @mscolnick, @nojaf, @Rowlando13, @VishakBaddur, @XanthanGum

And especially to our new contributors:

Full Changelog: marimo-team/marimo@0.23.8...0.23.9


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot requested a review from a team as a code owner June 18, 2026 22:39
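The advisory in this PR describes a single quote in the `file` query parameter breaking out of an inline JavaScript string literal. The Python example below is added here and is not marimo's code or its template; it contrasts the naive interpolation pattern with a render that JSON-encodes the value and additionally escapes the characters that matter inside a `<script>` element, and it includes a check a defender can run over a rendered page. The page layout (`var file = ...`), the function names and the probe inputs are all constructed assumptions.

```python
import json

# Inside a <script> element the HTML parser runs before the JavaScript
# parser, so "</script" inside any string literal ends the script early.
# JSON encoding escapes quotes, backslashes and control characters but
# leaves '<', '>' and '&' alone, so those are escaped here in addition.
# ensure_ascii=True already turns U+2028/U+2029 (JS line terminators)
# into \u escapes, so they need no special handling.
_SCRIPT_ESCAPES = {"<": "\\u003c", ">": "\\u003e", "&": "\\u0026"}


def js_string_literal(value: str) -> str:
    """Return a double-quoted JavaScript string literal that evaluates to
    ``value`` and cannot terminate the literal or the enclosing <script>."""
    encoded = json.dumps(value, ensure_ascii=True)
    for raw, escaped in _SCRIPT_ESCAPES.items():
        encoded = encoded.replace(raw, escaped)
    return encoded


def render_naive(file_param: str) -> str:
    """The vulnerable pattern the advisory describes, on a hypothetical page
    (not marimo's template): raw interpolation into a single-quoted literal."""
    return f"<script>var file = '{file_param}';</script>"


def render_safe(file_param: str) -> str:
    """Hardened pattern: the literal comes from js_string_literal()."""
    return f"<script>var file = {js_string_literal(file_param)};</script>"


_PREFIX = "<script>var file = "
_SUFFIX = ";</script>"


def extract_rhs(html: str) -> str:
    """Return the right-hand side of the assignment in a rendered page."""
    if not (html.startswith(_PREFIX) and html.endswith(_SUFFIX)):
        raise ValueError("unexpected page layout")
    return html[len(_PREFIX):-len(_SUFFIX)]


def literal_breaks_out(js_expr: str) -> bool:
    """True if the string literal at the start of js_expr closes before the
    end of the expression (leaving attacker text as JS code) or never closes.
    Backslash escapes are honoured the way the JS parser would."""
    quote = js_expr[0]
    i = 1
    while i < len(js_expr):
        ch = js_expr[i]
        if ch == "\\":
            i += 2  # skip the escaped character
            continue
        if ch == quote:
            return i != len(js_expr) - 1
        i += 1
    return True  # unterminated literal


def reflection_is_safe(html: str) -> bool:
    """Defender's check: the literal stays intact and the page still
    contains exactly one </script> close tag."""
    rhs = extract_rhs(html)
    return (not literal_breaks_out(rhs)) and html.lower().count("</script") == 1


def round_trips(value: str) -> bool:
    """The escaped literal must still decode to the original value."""
    return json.loads(extract_rhs(render_safe(value))) == value


# Constructed probe inputs (not taken from the advisory): a benign name, a
# value containing a single quote, and a value containing a closing script tag.
PROBES = ["notebook.py", "x'; alert(1); //", "</script><script>alert(1)</script>"]

if __name__ == "__main__":
    for probe in PROBES:
        print(f"{probe!r}: naive safe={reflection_is_safe(render_naive(probe))}, "
              f"hardened safe={reflection_is_safe(render_safe(probe))}")
```

The check is deliberately structural rather than signature-based: it asks whether the literal is still one literal and whether the script element still closes once, which catches both the quote breakout the advisory describes and the early-close variant that quote escaping alone would miss. Switching the delimiter to double quotes is not the fix by itself; the fix is that every quote, backslash, angle bracket and ampersand in the reflected value is encoded before it reaches the page.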
