Update dependency jupyterlab to v4.2.5 [SECURITY] (#279)
### GitHub Vulnerability Alerts

#### [CVE-2024-43805](https://togithub.com/jupyterlab/jupyterlab/security/advisories/GHSA-9q39-rmj3-p4r2)

### Impact

The vulnerability depends on user interaction: opening a malicious
notebook with Markdown cells, or a Markdown file using the JupyterLab
preview feature.

A malicious user can access any data that the attacked user has access
to as well as perform arbitrary requests acting as the attacked user.

### Patches

JupyterLab v3.6.8, v4.2.5 and Jupyter Notebook v7.2.2 were patched.

### Workarounds

There is no workaround for the underlying DOM Clobbering susceptibility.
However, select plugins can be disabled on deployments which cannot
update in a timely fashion to minimise the risk. These are:
- `@jupyterlab/mathjax-extension:plugin` - users will lose the ability to
preview mathematical equations
- `@jupyterlab/markdownviewer-extension:plugin` - users will lose the
ability to open Markdown previews
- `@jupyterlab/mathjax2-extension:plugin` (if installed with optional
`jupyterlab-mathjax2` package) - an older version of the mathjax plugin
for JupyterLab 4.x

To disable these extensions run:

```bash
jupyter labextension disable @jupyterlab/markdownviewer-extension:plugin
jupyter labextension disable @jupyterlab/mathjax-extension:plugin
jupyter labextension disable @jupyterlab/mathjax2-extension:plugin
```

To confirm that the plugins were disabled run:

```bash
jupyter labextension list
```

### References

None

### Notes

This change has the potential to break rendering of some Markdown. There
is a setting in the Sanitizer which allows reverting to the previous
sanitizer settings (`allowNamedProperties`).

---

### Release Notes

<details>
<summary>jupyterlab/jupyterlab (jupyterlab)</summary>

### [`v4.2.5`](https://togithub.com/jupyterlab/jupyterlab/releases/tag/v4.2.5)

[Compare Source](https://togithub.com/jupyterlab/jupyterlab/compare/v4.2.4...v4.2.5)

#### 4.2.5

([Full Changelog](https://togithub.com/jupyterlab/jupyterlab/compare/v4.2.4...58d75355ed837d060d4df4bed4631c1fdb9d7e1a))

##### Bugs fixed

- Use locale name instead of display/native name to toggle language [#16710](https://togithub.com/jupyterlab/jupyterlab/pull/16710) ([@maitreya2954](https://togithub.com/maitreya2954))
- Prevent replacing code with find and replace in read-only cells [#16682](https://togithub.com/jupyterlab/jupyterlab/pull/16682) ([@itsmevichu](https://togithub.com/itsmevichu))
- Do not block shift-click mouse up handler on active cell [#16647](https://togithub.com/jupyterlab/jupyterlab/pull/16647) ([@EdsterG](https://togithub.com/EdsterG))

##### Maintenance and upkeep improvements

- Bump braces from 3.0.2 to 3.0.3 [#16486](https://togithub.com/jupyterlab/jupyterlab/pull/16486) ([@dependabot\[bot\]](https://togithub.com/apps/dependabot))

##### Documentation improvements

- Fix JupyterLab install instructions in the debugger docs [#16683](https://togithub.com/jupyterlab/jupyterlab/pull/16683) ([@jtpio](https://togithub.com/jtpio))

##### Contributors to this release

([GitHub contributors page for this release](https://togithub.com/jupyterlab/jupyterlab/graphs/contributors?from=2024-07-18&to=2024-08-26&type=c))

[@davidbrochart](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3Adavidbrochart+updated%3A2024-07-18..2024-08-26&type=Issues) | [@fcollonval](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3Afcollonval+updated%3A2024-07-18..2024-08-26&type=Issues) | [@github-actions](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3Agithub-actions+updated%3A2024-07-18..2024-08-26&type=Issues) | [@HaudinFlorence](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3AHaudinFlorence+updated%3A2024-07-18..2024-08-26&type=Issues) | [@JasonWeill](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3AJasonWeill+updated%3A2024-07-18..2024-08-26&type=Issues) | [@jtpio](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3Ajtpio+updated%3A2024-07-18..2024-08-26&type=Issues) | [@jupyterlab-probot](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3Ajupyterlab-probot+updated%3A2024-07-18..2024-08-26&type=Issues) | [@krassowski](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3Akrassowski+updated%3A2024-07-18..2024-08-26&type=Issues) | [@meeseeksmachine](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3Ameeseeksmachine+updated%3A2024-07-18..2024-08-26&type=Issues) | [@Mehak261124](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3AMehak261124+updated%3A2024-07-18..2024-08-26&type=Issues) | [@Rob-P-Smith](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3ARob-P-Smith+updated%3A2024-07-18..2024-08-26&type=Issues) | [@tonyfast](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3Atonyfast+updated%3A2024-07-18..2024-08-26&type=Issues) | [@welcome](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3Awelcome+updated%3A2024-07-18..2024-08-26&type=Issues) | [@williamstein](https://togithub.com/search?q=repo%3Ajupyterlab%2Fjupyterlab+involves%3Awilliamstein+updated%3A2024-07-18..2024-08-26&type=Issues)

</details>


---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/gabrielfeo/develocity-api-kotlin).


Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
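The workaround in the advisory quoted above is a two-step procedure: disable the three Markdown/MathJax plugins on hosts that cannot update, then confirm the result with `jupyter labextension list`. The script below is an added example, not code from the jupyterlab project, from Renovate or from this repository. It turns that procedure into a check that can run in a fleet audit: given an installed JupyterLab version and the parsed contents of a `labconfig/page_config.json` file, it reports whether the host is patched, mitigated, or still exposed. Two assumptions are made and marked in the code: the first fixed releases are exactly the ones the advisory names (3.6.8 and 4.2.5), and `jupyter labextension disable` records plugin names under the `disabledExtensions` key of `page_config.json`; the sample inputs are constructed for the demo.

```python
"""Audit a JupyterLab host against CVE-2024-43805 (GHSA-9q39-rmj3-p4r2).

Added example; not part of jupyterlab, Renovate, or this repository.
Assumption 1: the first patched releases are 3.6.8 and 4.2.5, as stated
in the advisory; nothing is known here about other major series.
Assumption 2: `jupyter labextension disable` stores plugin names under the
"disabledExtensions" key of labconfig/page_config.json.
"""
import json
import re
import sys
from pathlib import Path

# Plugins the advisory lists as a stop-gap to disable on unpatched hosts.
ADVISORY_PLUGINS = (
    "@jupyterlab/markdownviewer-extension:plugin",
    "@jupyterlab/mathjax-extension:plugin",
    "@jupyterlab/mathjax2-extension:plugin",
)

# First fixed release per major series (assumption 1). The trailing 1 marks
# a final release so that pre-releases of the fixed version sort below it.
PATCHED_FLOOR = {3: (3, 6, 8, 1), 4: (4, 2, 5, 1)}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(.*)$")
_PRERELEASE_RE = re.compile(r"^\.?(a|b|rc|dev)\d*", re.IGNORECASE)


def parse_version(text):
    """Return (major, minor, patch, is_final) for strings like '4.2.5' or '4.2.5rc0'.

    A pre-release suffix (a/b/rc/dev) yields is_final == 0, so '4.2.5rc0'
    compares below '4.2.5'; post-releases such as '4.2.5.post1' count as final.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch, suffix = m.groups()
    is_final = 0 if _PRERELEASE_RE.match(suffix) else 1
    return (int(major), int(minor), int(patch), is_final)


def is_patched(version):
    """True if this JupyterLab version contains the CVE-2024-43805 fix.

    Majors the advisory does not mention are handled conservatively: anything
    below 3 is treated as unpatched, anything above 4 as patched (assumption).
    """
    v = parse_version(version)
    floor = PATCHED_FLOOR.get(v[0])
    if floor is None:
        return v[0] > 4
    return v >= floor


def missing_mitigations(page_config, plugins=ADVISORY_PLUGINS):
    """Return the advisory plugins that page_config does NOT disable.

    page_config is the parsed labconfig/page_config.json (assumption 2).
    A list of names is accepted as well as the {name: true} mapping, so a
    hand-edited file is still read correctly.
    """
    disabled = page_config.get("disabledExtensions", {})
    if isinstance(disabled, list):
        disabled = {name: True for name in disabled}
    return [p for p in plugins if not disabled.get(p)]


def assess(version, page_config):
    """Verdict: 'patched', 'mitigated' (unpatched but all three plugins
    disabled), or 'exposed' (unpatched and at least one plugin still on)."""
    if is_patched(version):
        return "patched"
    return "exposed" if missing_mitigations(page_config) else "mitigated"


def load_page_config(path):
    """Read page_config.json; a missing file means nothing is disabled."""
    p = Path(path)
    return json.loads(p.read_text()) if p.exists() else {}


def main(argv):
    # Usage: audit.py <jupyterlab-version> [labconfig/page_config.json]
    # The version can be taken from `pip show jupyterlab` or `jupyter --version`.
    if len(argv) < 2:
        # Constructed demo input: an unpatched host with one plugin disabled.
        version, cfg = "4.2.4", {"disabledExtensions": {ADVISORY_PLUGINS[0]: True}}
    else:
        version = argv[1]
        cfg = load_page_config(argv[2]) if len(argv) > 2 else {}
    verdict = assess(version, cfg)
    print(f"jupyterlab {version}: {verdict}")
    for plugin in missing_mitigations(cfg) if verdict != "patched" else []:
        print(f"  still enabled: {plugin}")
    return 0 if verdict != "exposed" else 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with no arguments to see the constructed demo, or pass the installed version and the path of the `page_config.json` that `jupyter labextension disable` wrote (look under the config directories printed by `jupyter --paths`); a non-zero exit code marks an exposed host, which makes the script usable as a gate in a provisioning or CI job.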
renovate[bot] authored Aug 29, 2024
1 parent a81c260 commit 2baba56
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion examples/example-notebooks/requirements.txt
@@ -1,2 +1,2 @@
jupyterlab==4.2.4
jupyterlab==4.2.5
kotlin-jupyter-kernel==0.12.0.217
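Review bot: the bump to `jupyterlab==4.2.5` is the patched 4.x release the advisory names, but a bare version pin in requirements.txt does not let `pip install -r` verify what it downloads; consider adding `--hash=sha256:<digest>` entries (for example by regenerating the file with `pip-compile --generate-hashes`) so a substituted wheel is rejected, and apply the same to the `kotlin-jupyter-kernel==0.12.0.217` line that stays unchanged here. This file only governs examples/example-notebooks, so any other place in the repository that installs jupyterlab needs the same bump to actually close the advisory.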

0 comments on commit 2baba56
