Skip to content

Master 4.2.0#3804

Merged
T4rk1n merged 417 commits into
masterfrom
master-4.2.0
Jun 1, 2026
Merged

Master 4.2.0#3804
T4rk1n merged 417 commits into
masterfrom
master-4.2.0

Conversation

@T4rk1n
Copy link
Copy Markdown
Contributor

@T4rk1n T4rk1n commented Jun 1, 2026

No description provided.

camdecoster and others added 30 commits March 25, 2026 14:21
@camdecoster
Merge branch 'dev' into patch-1
d97f9bc
@T4rk1n
Merge branch 'dev' into bugfix/loading-all-wildcard-3619
80b1213
@camdecoster
Add changelog entry (and fix some markdown)
ea1af01
@camdecoster
Merge pull request #3523 from corebit-nl/patch-1
c1a9cd9 
Fallback on background callback function names if source cannot be found
@i-murray
fix: use attribute selector for dict id in loading test
8da44c1 
The test_ldcp010_loading_component_target_components test used an ID selector built from stringify_id(...), but this contains special characters that are not safe in a CSS #id selector. Now switched to an attribute selector form so Selenium can find the element.

This surfaced after duplicate test names were resolved in a previous commit, which allowed this test to run and expose the selector issue.
@i-murray
Merge branch 'dev' into bugfix/loading-all-wildcard-3619
3fcd2c9
@T4rk1n
put 14 days minimum release age for dependabot
b18fdfd
@T4rk1n
group up dependabot security updates
ee1fb3f
@T4rk1n
only allow safe to update dcc dependabot
7fa111f
@T4rk1n
narrow other dependencies
2ee42bb
@T4rk1n
exclude plotly directory
7c8c47d
@T4rk1n
minimum-release-age -> cooldown
26c6752
@T4rk1n
fix dcc build
cb12671
@T4rk1n
bump browserlist dash-table
b97a99f
@T4rk1n
npm audit fix
e97d6d6
@T4rk1n
fix linting
608aa7b
@T4rk1n
fix black
f0fabb9
@T4rk1n
wait for table after sort
b494ad3
@T4rk1n
Merge pull request #3709 from plotly/fix/dependabot-too-much
38ae498 
Improved dependabot config
@dependabot
Bump the npm-dependencies-security group across 1 directory with 5 up…
78f760e 
…dates

Bumps the npm-dependencies-security group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` |
| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` |
| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.2` | `2.0.3` |
| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `5.0.2` | `5.0.5` |
| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.8` | `4.7.9` |
| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |
| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` |
| [tar](https://github.com/isaacs/node-tar) | `7.5.7` | `7.5.11` |



Updates `glob` from 10.4.5 to 10.5.0
- [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md)
- [Commits](isaacs/node-glob@v10.4.5...v10.5.0)

Updates `brace-expansion` from 1.1.12 to 1.1.13
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@v1.1.12...v1.1.13)

Updates `brace-expansion` from 2.0.2 to 2.0.3
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@v1.1.12...v1.1.13)

Updates `brace-expansion` from 5.0.2 to 5.0.5
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@v1.1.12...v1.1.13)

Updates `handlebars` from 4.7.8 to 4.7.9
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.8...v4.7.9)

Updates `picomatch` from 2.3.1 to 2.3.2
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/picomatch@2.3.1...2.3.2)

Updates `picomatch` from 4.0.3 to 4.0.4
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/picomatch@2.3.1...2.3.2)

Updates `tar` from 7.5.7 to 7.5.11
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v7.5.7...v7.5.11)

---
updated-dependencies:
- dependency-name: glob
  dependency-version: 10.5.0
  dependency-type: indirect
  dependency-group: npm-dependencies-security
- dependency-name: brace-expansion
  dependency-version: 1.1.13
  dependency-type: indirect
  dependency-group: npm-dependencies-security
- dependency-name: brace-expansion
  dependency-version: 2.0.3
  dependency-type: indirect
  dependency-group: npm-dependencies-security
- dependency-name: brace-expansion
  dependency-version: 5.0.5
  dependency-type: indirect
  dependency-group: npm-dependencies-security
- dependency-name: handlebars
  dependency-version: 4.7.9
  dependency-type: indirect
  dependency-group: npm-dependencies-security
- dependency-name: picomatch
  dependency-version: 2.3.2
  dependency-type: indirect
  dependency-group: npm-dependencies-security
- dependency-name: picomatch
  dependency-version: 4.0.4
  dependency-type: indirect
  dependency-group: npm-dependencies-security
- dependency-name: tar
  dependency-version: 7.5.11
  dependency-type: indirect
  dependency-group: npm-dependencies-security
...

Signed-off-by: dependabot[bot] <support@github.com>
@terminalchai
fix: align slider marks with empty labels
3dc4abb
@T4rk1n
Merge pull request #3718 from plotly/dependabot/npm_and_yarn/npm-depe…
fa21fcb 
…ndencies-security-85fca336ca

Bump the npm-dependencies-security group across 1 directory with 5 updates
@dependabot
Bump the npm-dependencies-security group across 1 directory with 1 up…
fc7fe59 
…date

Bumps the npm-dependencies-security group with 1 update in the / directory: [minimatch](https://github.com/isaacs/minimatch).


Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `minimatch` from 9.0.5 to 9.0.9
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `minimatch` from 10.2.2 to 10.2.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm-dependencies-security
- dependency-name: minimatch
  dependency-version: 9.0.9
  dependency-type: indirect
  dependency-group: npm-dependencies-security
- dependency-name: minimatch
  dependency-version: 10.2.5
  dependency-type: indirect
  dependency-group: npm-dependencies-security
...

Signed-off-by: dependabot[bot] <support@github.com>
@ines-om
Fix #2989: Preserve option order during dcc.Dropdown search
54cd282 
When searching in dcc.Dropdown, results should maintain the
original option order instead of being reordered by js-search.
By creating a Set of search results and filtering the original
options array, we preserve order while maintaining performance.
@ines-om
Fix #2989, #2667: Add search_order prop to control dropdown result or…
57f4125 
…dering

- Adds new search_order prop with 'index' (default) and 'original' options ordering
- Changed 4 integration tests to include new prop
@T4rk1n
Merge pull request #3724 from plotly/dependabot/npm_and_yarn/npm-depe…
3a7744f 
…ndencies-security-5fb40c41d1

Bump the npm-dependencies-security group across 1 directory with 1 update
@Francisc0C
Fix #3030: Selection for DataTable cleared with custom action settings
286c212 
In derivedPropsHelper.ts, selected rows may be invalidated when sorting,
filtering or changing pages, while using custom action settings.

Invalidation happens when sorting, filtering or pagination actions are
set to custom and their values change.

The code does not check wether the same callback also provides a new
selected_rows value.

Because invalidation runs inside a setTimeout(..., 0), when a callback
updates both selection and sorting, filtering or pagination, the
selection briefly appears and clears, causing a visible "flicker".

To fix this, before invalidating the selection, we simply have to
check wether selected_rows actually changed in the current callback.

The selection is only cleared if it did not change, preventing the
invalidation of the sent selection.
@ines-om
Add changelog entry
b6fcc4a
@Francisc0C @AnnMarieW
Fix #3030: Apply suggestion from @AnnMarieW
519526c 
Co-authored-by: Ann Marie Ward <72614349+AnnMarieW@users.noreply.github.com>
@Francisc0C
Fix #3030: Add changelog entry
7a23cf8
T4rk1n and others added 24 commits May 28, 2026 12:23
@T4rk1n
deep clone dcc graph figure layout
7ecedb9
@camdecoster
Merge pull request #3768 from AnnMarieW/improve-dropdown-performance
b5ce179 
optimize dropdown search
@T4rk1n
Merge branch 'dev' into fix/graph-patch-clicks
776c6e1
@T4rk1n
Merge pull request #3785 from plotly/fix/graph-patch-clicks
051b423 
Fix graph patch & duplicate clicks
@camdecoster
Merge branch 'dev' into dependabot/npm_and_yarn/npm-dependencies-secu…
16c369f 
…rity-32e07c5719
@AnnMarieW
fix: use stable keys for virtualized dropdown rows
2b0a7d1
@T4rk1n
remove ActiveCallbackRegistry & callback adoption
3892cd4
@T4rk1n
Merge branch 'dev' into fix/ws-connection-management
c07643c
@AnnMarieW
add test
be60884
@AnnMarieW
add changelog
01b57fb
@AnnMarieW
lint
3988d1c
@camdecoster
Merge pull request #3763 from plotly/dependabot/npm_and_yarn/npm-depe…
ffe259c 
…ndencies-security-32e07c5719

Bump ip-address from 10.1.0 to 10.2.0 in the npm-dependencies-security group across 1 directory
@AnnMarieW
Merge branch 'dev' into fix-dropdown-search-crash
d32715c
@camdecoster
Merge pull request #3799 from AnnMarieW/fix-dropdown-search-crash
3ef77c5 
fix: dropdown search crash
@T4rk1n
init app check instead of backend blueprint check
81f148f
@T4rk1n
Merge branch 'dev' into fix/init-flask-run-command
8cdf6fc
@T4rk1n
Merge pull request #3798 from plotly/fix/init-flask-run-command
715dae8 
fix blueprint registering and double init
@T4rk1n
Merge branch 'dev' into fix/ws-connection-management
e15ef05
@T4rk1n
add configuration for heartbeat and proper te\sts for reconnect
8c2329f
@T4rk1n
Merge pull request #3797 from plotly/fix/ws-connection-management
c41939b 
improved websocket connection management
@T4rk1n
Version 4.2.0
6c3fdab
@T4rk1n
Merge pull request #3803 from plotly/version-4.2.0
d0f78b6 
Version 4.2.0
@T4rk1n
Merge branch 'dev' into master-4.2.0
ed2363d
@T4rk1n
build artifacts for 4.2.0
3b483d1
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Jun 1, 2026

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
1.6% Duplication on New Code

See analysis details on SonarQube Cloud

@T4rk1n T4rk1n merged commit 805b3ce into master Jun 1, 2026
32 of 36 checks passed
@T4rk1n T4rk1n deleted the master-4.2.0 branch June 1, 2026 20:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ndrezn ndrezn Awaiting requested review from ndrezn ndrezn is a code owner

@camdecoster camdecoster Awaiting requested review from camdecoster camdecoster is a code owner

@KoolADE85 KoolADE85 Awaiting requested review from KoolADE85 KoolADE85 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.