Add widget assets and Malloy extra

[nicosuave]

Summary:

• add anywidget assets and JS build outputs for the notebook widget
• add malloy optional extra with a clear install hint when antlr4 is missing
• update README + widget demo notebook and packaging includes

Tests:

• bun run build
• uv run --extra dev pytest

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: bd17384945

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Preserve timestamp precision in date range

Here the computed min/max are truncated to date-only strings (isoformat()[:10]). When the time dimension is a timestamp (common), _build_filters later uses these values in a <= 'YYYY-MM-DD' predicate, which DuckDB treats as midnight. That drops all rows on the end date after 00:00, so the widget undercounts the last day. Keep the full timestamp, or make the end bound exclusive (e.g., < next_day) to avoid silently excluding data.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Escape dimension values in SQL filters

Dimension filter values are interpolated directly into SQL string literals. If a selected value contains a single quote (e.g., O'Reilly) or other special characters, the generated SQL becomes invalid and the widget errors. Since filter values come from user data, this is a realistic failure case. Use parameterized queries or escape quotes before embedding values.

Useful? React with 👍 / 👎.