build(deps-dev): bump anywidget from 0.10.0 to 0.11.0 in /pywry

[dependabot]

Bumps anywidget from 0.10.0 to 0.11.0.

Release notes

Sourced from anywidget's releases.

anywidget@0.11.0

This release implements the widget composition RFC shared earlier this year. All changes are additive: existing widgets keep working without modification.

Background

For the past year, anywidget has predominantly been in maintenance mode. The library works, and the community has been expanding on both ends (more host platforms and more widgets shipped on top of it).

A stretch of stability also tends to surface what's still missing. One pattern that kept coming up (#28, #193, #855) was a different kind of widget than the AFM had been designed around.

Prior to v0.11, anywidget was a good fit for widgets that own a self-contained piece of the screen (a chart, a map, a control). Two limitations got in the way of anything else:

• Composition was left to the host. A widget that wanted to lay out other widgets had to be expressed using whatever container the host provides (ipywidgets.HBox / ipywidgets.VBox in Jupyter, mo.hstack / mo.vstack in marimo). Container widgets that ship as a single anywidget primitive were not expressible.
• Shared interfaces were limited to model state. The only thing one widget could know about another was what was exposed on the synced model. Calling panTo(lat, lng) or highlight(rowId) on another widget on the page had to round-trip through a synced trait.

v0.11 closes both gaps with three additions to the front-end contract.

For the full narrative, see the blog post: anywidgets All the Way Down.

For the formal spec, see the updated AFM specification.

What's new

signal (AbortSignal) on initialize and render (#974)

Both initialize and render now receive an AbortSignal via the signal prop. The host aborts it when the widget is destroyed (or during HMR). This is the preferred way to manage cleanup going forward, since it composes with web platform APIs that already accept an AbortSignal (addEventListener, fetch, child widgets):

// before
export default {
  render({ model, el }) {
    let handler = () => { /* ... */ };
    el.addEventListener("click", handler);
    return () => el.removeEventListener("click", handler);
  },
};
// after
export default {
render({ model, el, signal }) {
el.addEventListener("click", () => { /* ... */ }, { signal });
},
};

Returning a cleanup callback from render (or initialize) still works, so existing widgets need no changes. New code is encouraged to prefer signal.

initialize MAY return an exports object (#974)

initialize runs once per widget instance. In v0.11, it MAY return a plain object: the widget's exports. The host stores it and exposes it to other widgets that resolve this one as a reference (next section).

... (truncated)

Commits

• 5789879 Version Packages (#986)
• 4d15a1f Draft v0.11 release blog post (#991)
• bd746a4 chore(deps): bump esbuild from 0.21.5 to 0.28.0 in the prod-dependencies grou...
• c575c88 chore(deps-dev): bump @​typescript/native-preview from 7.0.0-dev.20260410.1 to...
• aec303e chore(deps): bump @​types/node from 12.20.55 to 25.6.0 (#981)
• 77c5b81 chore(deps): bump react-dom and @​types/react-dom (#982)
• cb1f469 chore(deps-dev): bump the dev-dependencies group across 1 directory with 3 up...
• b76b9c6 Fix orphaned ready promise on widget rebind (#988)
• 0399b9a Fix HMR race when _esm changes during widget load (#987)
• bad65ae Rename snake_case identifiers to camelCase (#977)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)