Update setup.py

Bump ipywidgets >=8.0 to resolve CVEs: ``` -> Vulnerability found in ipywidgets version 7.8.1 Vulnerability ID: 50664 Affected spec: <8.0.0 ADVISORY: Ipywidgets 8.0.0 sanitizes descriptions by default.jupyter-widgets/ipywidgets#2785 PVE-2022-50664 For more information about this vulnerability, visit https://data.safetycli.com/v/50664/97c To ignore this vulnerability, use PyUp vulnerability id 50664 in safety’s ignore command-line argument or add the ignore to your safety policy file. -> Vulnerability found in ipywidgets version 7.8.1 Vulnerability ID: 50463 Affected spec: <8.0.0rc2 ADVISORY: Ipywidgets 8.0.0rc2 makes descriptions plaintext by default for security.jupyter-widgets/ipywidgets#2785 PVE-2022-50463 For more information about this vulnerability, visit https://data.safetycli.com/v/50463/97c To ignore this vulnerability, use PyUp vulnerability id 50463 in safety’s ignore command-line argument or add the ignore to your safety policy file. ```
dazza-codes · Mar 26, 2024 · fb5e73f · fb5e73f
1 parent 4932e76
commit fb5e73f
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/bindings/kepler.gl-jupyter/setup.py b/bindings/kepler.gl-jupyter/setup.py
@@ -64,7 +64,7 @@
     'long_description': LONG_DESCRIPTION,
     'include_package_data': True,
     'install_requires': [
-        'ipywidgets>=7.0.0,<8',
+        'ipywidgets>=8.0.0',
         'traittypes>=0.2.1',
         'geopandas>=0.5.0',
         'pandas>=0.23.0',