So I'm moving a generic bug issue across the Jupyter projects to the security workgroup.
It's not yet a security issue, but the practices are recent modification are raising concern.

Quick summary:

• There was a few bug report of "trusted" notebook that would not be trusted upon reopen.
• I tracked part of that down to notebook notary/nbformat API.
• The sequence of event is compute-notebook-signature, validate-and-save (no errors), load-notebook but signature does not match.
• The problem being that the "validate" step, try to helpfully fix any inconsistency AND mutate it's input arguments.

Once validate started to do some mutation and fixing, it has proliferated, and what used to be a check is now not only not a check anymore, but creates unintended side-effect in notebook models.

SO I would appreciate help in pushing for a new cleaner API in nbformat, making sure validate(), does not mutate anything introducing likely an explicit normalized() (returning a copy), utilities, and updating downstream projects.

See jupyter/nbformat#282