Update dependency marimo to <0.24

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
marimo	<0.23 → <0.24

---

Release Notes

marimo-team/marimo (marimo)

v0.23.1

Compare Source

What's Changed

This release includes quality of life improvements to marimo slides, bug fixes to marimo islands that revive our quarto extension, a new lint rule, and minor security improvements.

⭐ Highlights

Slides minimap

Slide mode now has a minimap: a scrollable panel showing your cells at reduced scale, with click-to-navigate and drag-to-reorder support. It's performance-aware — cells only render in the minimap when they're in view.

Screen.Recording.2026-04-08.at.6.46.33.PM.mov

Islands revived

We've fixed many bugs with [marimo islands], a way to embed marimo outputs and/or Python code in other HTML. These fixes also make our quarto-marimo. (#​9071) extension compatible with this version of marimo as well.

Security

This release includes minor security improvements, including input sanitization, path traversal prevention, open redirect blocking, and auth endpoint hardening.

• Sanitize plugin output slots (marimo-mpl-interactive, marimo-panel) to prevent script injection (#​9133)
• Restrict head_html injection to run mode only (#​9137)
• Prevent directory traversal via symlinks in asset serving (#​9134)
• Sanitize user-supplied custom.css (#​9131)
• Block open redirects via protocol-relative URLs (e.g. //evil.com) (#​9112)
• Restrict health endpoint exposure and add path validation for document writes (#​9115)

We've also updated our security documentation with a standard operating procedure for future disclosures (#​9114).

Thank You. The enthusiasm following our recent CVE disclosure is a testament to what a healthy open-source community looks like. A special thank you to @​GCXWLP, @​Jvr2022, @​offset, @​l3tchupkt, @​Fushuling, @​RacerZ-fighting, and @​q1uf3ng for their engagement and reports during this sprint. It takes a community to keep FOSS secure. We're lucky to have this one!

All changes

• fix: sanitize marimo-mpl-interactive marimo-panel by @​mscolnick in #​9133
• fix: restrict head_html to run by @​dmadisetti in #​9137
• fix: don't follow symlinks in assets.py by @​mscolnick in #​9134
• fix: sanitize custom.css by @​mscolnick in #​9131
• fix: prevent open redirect via protocol-relative URLs by @​mscolnick in #​9112
• chore: reported code scanning issues by @​dmadisetti in #​9115
• docs: Update security docs for 0.23.0 and outline SOP by @​dmadisetti in #​9114
• improvement: revive islands by @​mscolnick in #​9071
• feat: Lint rule to detect ordering discrepancies on top level functions by @​dmadisetti in #​8996
• add slides minimap by @​Light2Dark in #​9097
• Fix mo.ui.matplotlib rendering on browser zoom by @​manzt in #​9125
• fix: handle mixed-type column sorting in data table by @​kirangadhave in #​9102
• fix: add requires() to set_ui_element_value, set_model_value, function_call by @​mscolnick in #​9113
• fix: wrap plugin slot in TooltipProvider to fix tooltip regression by @​mscolnick in #​9126
• fix keyboard shortcuts for input elements inside shadow DOM by @​Light2Dark in #​9105
• don't render data-tooltips for marimo components with tooltips by @​Light2Dark in #​9129
• fix: minor fixes to the data-table by @​kirangadhave in #​9100
• fix: added exception handling to _style_cells by @​kirangadhave in #​9101
• additional ruff fixes by @​Light2Dark in #​9132
• Ruff autofixes + some manual changes by @​Light2Dark in #​9121
• chore: bump ruff target-version to py310 by @​kirangadhave in #​9118
• fix: bump ruff version in pytest_changed plugin to 0.15.9 by @​kirangadhave in #​9135
• tests: verify empty env vars by @​mscolnick in #​9130

Full Changelog: marimo-team/marimo@0.23.0...0.23.1

v0.23.0

Compare Source

Security Announcement

This release contains important security updates for CVE-2026-39987. See Terminal WebSocket Authentication Bypass

The /terminal/ws endpoint is accessible without authentication on default marimo installations. This allows for unauthenticated users to remote execute code via this endpoint.

Who is affected

• If you have deployed marimo as an editable notebook (not an application) to the public internet and only using marimo’s built-in authentication.
• If you expose marimo to your shared network using --host 0.0.0.0 and while in edit mode (not an application).

Likely not affected

You are not affected if any of these are true.

• If you have your own authentication proxy on top of editable marimo notebooks.
• If you are not exposing marimo to the public internet
• If you are running marimo as an application (in run mode)
• WebAssembly (WASM) notebooks are not affected
• molab is not affected

Please upgrade to 0.23.0 or later.

What's Changed

• chore: harden df numeric checking by @​dmadisetti in #​9086
• docs: marimo pair by @​akshayka in #​9089
• fix: Tab in AI chat triggers autocomplete instead of indenting (#​5718) by @​mscolnick in #​9069
• feat: indicate server side installations by @​dmadisetti in #​8998
• fix: reset Plotly axis settings when switching between different chart types by @​mscolnick in #​9067
• fix: table filtering by NaN in pandas string columns by @​kirangadhave in #​9092
• docs: fix a misformatted markdown link by @​YDX-2147483647 in #​9093
• fix use API.get for pair with agent modal by @​mscolnick in #​9090
• feat: Accept suggestion on Enter (frontend-only localStorage pref) by @​alwaysahustler in #​9016
• feat(plotly): add reactive violin plot selection support by @​axsseldz in #​9011
• feat(plotly): add reactive area chart selection support by @​axsseldz in #​9046
• fix: properly authenticate terminal route by @​mscolnick in #​9098
• release: 0.23.0 by @​mscolnick in #​9099

Full Changelog: marimo-team/marimo@0.22.5...0.23.0

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.