Skip to content
This repository has been archived by the owner on Mar 6, 2024. It is now read-only.

Upgrade to storybook 7 #25

Merged
merged 8 commits into from
Apr 11, 2023
Merged

Upgrade to storybook 7 #25

merged 8 commits into from
Apr 11, 2023

Conversation

ShaunEvening
Copy link
Contributor

@ShaunEvening ShaunEvening commented Apr 11, 2023
edited by github-actions bot
Loading

📦 Published PR as canary version: 1.0.1-canary.25.fe6c242.0

✨ Test out this PR locally via:

npm install @storybook/[email protected]
# or 
yarn add @storybook/[email protected]

Shaun Lloyd and others added 7 commits March 15, 2023 17:22
Create prerelease flow
d9c2121
@k35o
fix/escape empty class name (#14)
75b28bc
Bump major version
d47f0d0 
signify the breaking changes of moving to storybook 7
Bump next by major version (#15)
1b3595b 
Update README with Release flow
Allow multiple classes in withThemeByClassName (#16)
3c46c58 
Port fix from #10
Upgrade to storybook 7 (#23)
9a8f828 
* Update local testing setup
* Add generic to decorators for typescript users
* Require loaders for styling config
* Upgrade to Storybook 7
* Update css modules config for css-loader 6.x.x
Update docs to specify storybook version (#24)
7e15925 
* Manage version branches with auto
* Update docs to specify Storybook version
@ShaunEvening ShaunEvening added the major Increment the major version when merged label Apr 11, 2023
@ShaunEvening ShaunEvening self-assigned this Apr 11, 2023
@socket-security
Copy link

New dependency changes detected. Learn more about Socket for GitHub ↗︎

🚨 Potential security issues found in this pull request. To accept the risk, merge this PR and you will not be notified again.

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore [email protected] bar@* or ignore all packages with @SocketSecurity ignore-all

📜 Install scripts

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Package Script field Source
[email protected] (added) postinstall package.json via @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @vitejs/[email protected], [email protected], [email protected], [email protected]
😵‍💫 Bin script confusion

This package has multiple bin scripts with the same name. This can cause non-deterministic behavior when installing or could be a sign of a supply chain attack

Consider removing one of the conflicting packages. Packages should only export bin scripts with their name

Package Bin script Source
@storybook/[email protected] (added) sb package.json via [email protected]
[email protected] (added) sb package.json
⚠️ Shell access

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Packages should avoid accessing the shell which can reduce portability, and make it easier for malicious shell access to be introduced.

Package Module Location Source
@aw-web-design/[email protected] (added) child_process src/detect-linux.js package.json via [email protected]
@aw-web-design/[email protected] (added) child_process src/detect-windows.js package.json via [email protected]
@aw-web-design/[email protected] (added) child_process src/detect-windows10.js package.json via [email protected]
@storybook/[email protected] (added) child_process dist/generate.js package.json via [email protected]
@storybook/[email protected] (upgraded) child_process dist/index.js package.json via [email protected]
@storybook/[email protected] (upgraded) child_process dist/index.mjs package.json via [email protected]
[email protected] (upgraded) child_process lib/address.js package.json via [email protected]
[email protected] (upgraded) child_process lib/index.js package.json via @storybook/[email protected]
[email protected] (added) child_process dist/index.js package.json via [email protected]
[email protected] (added) child_process index.js package.json via @storybook/[email protected], @storybook/[email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
[email protected] (upgraded) child_process index.js package.json via @storybook/[email protected], [email protected], [email protected], [email protected]
[email protected] (added) child_process dist/envinfo.js package.json via [email protected]
[email protected] (added) child_process install.js package.json via @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @vitejs/[email protected], [email protected], [email protected], [email protected]
[email protected] (added) child_process lib/main.js package.json via @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @vitejs/[email protected], [email protected], [email protected], [email protected]
[email protected] (upgraded) child_process index.js package.json via [email protected]
[email protected] (upgraded) child_process index.js package.json via [email protected], [email protected]
[email protected] (added) child_process dist/gitlog.cjs.development.js package.json via [email protected]
[email protected] (added) child_process dist/gitlog.cjs.production.min.js package.json via [email protected]
[email protected] (added) child_process dist/gitlog.esm.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/jakefile.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/lib/package_task.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/lib/publish_task.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/lib/utils/index.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/test/integration/concurrent.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/test/integration/file_task.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/test/integration/file.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/test/integration/helpers.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/test/integration/jakelib/rule.jake.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/test/integration/publish_task.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/test/integration/rule.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/test/integration/selfdep.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/test/integration/task_base.js package.json via [email protected]
[email protected] (added) child_process jake-v10.8.5/test/integration/task_base.js package.json via [email protected]
[email protected] (upgraded) child_process build/crawlers/node.js package.json via @storybook/[email protected]
[email protected] (upgraded) child_process build/lib/isWatchmanInstalled.js package.json via @storybook/[email protected]
[email protected] (upgraded) child_process build/workers/ChildProcessWorker.js package.json via @storybook/[email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
[email protected] (upgraded) child_process build/workers/ChildProcessWorker.js package.json via @storybook/[email protected]
[email protected] (added) child_process dist/Runner.js package.json via [email protected]
[email protected] (added) child_process src/Runner.js package.json via [email protected]
[email protected] (upgraded) child_process index.js package.json via [email protected]
[email protected] (upgraded) child_process index.js package.json via [email protected]
[email protected] (added) child_process lib/Launcher.js package.json via [email protected]
[email protected] (added) child_process lib/resolvers.js package.json via [email protected]
[email protected] (added) child_process src/exec-child.js package.json via [email protected]
[email protected] (added) child_process src/exec.js package.json via [email protected]
[email protected] (added) child_process index.js package.json via [email protected], [email protected]
[email protected] (added) child_process dist/child/spawn-child.js package.json via [email protected]
[email protected] (upgraded) child_process lib/tsserver.js package.json via @storybook/[email protected], @storybook/[email protected], [email protected], [email protected], [email protected]
[email protected] (upgraded) child_process lib/tsserver.js package.json via @storybook/[email protected], @storybook/[email protected], [email protected], [email protected], [email protected]
[email protected] (upgraded) child_process lib/typingsInstaller.js package.json via @storybook/[email protected], @storybook/[email protected], [email protected], [email protected], [email protected]
[email protected] (added) child_process check-npm-version.js package.json via @storybook/[email protected], @storybook/[email protected], @vitejs/[email protected], [email protected]
[email protected] (added) child_process index.js package.json via @storybook/[email protected], @storybook/[email protected], @vitejs/[email protected], [email protected]
[email protected] (added) child_process index.mjs package.json
⚠️ Uses eval

Package uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Avoid packages that use eval, since this could potentially execute any code.

Package Eval Type Location Source
@sinclair/[email protected] (added) Function compiler/compiler.js package.json via @storybook/[email protected]
@sinclair/[email protected] (added) Function errors/errors.js package.json via @storybook/[email protected]
@sinclair/[email protected] (added) Function value/cast.js package.json via @storybook/[email protected]
@sinclair/[email protected] (added) Function value/check.js package.json via @storybook/[email protected]
@sinclair/[email protected] (added) Function value/create.js package.json via @storybook/[email protected]
@storybook/[email protected] (upgraded) Function dist/formatter-UT3ZCDIS.mjs package.json via @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (upgraded) Function dist/formatter-UT3ZCDIS.mjs package.json via @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (added) Function dist/index.mjs package.json via [email protected]
@storybook/[email protected] (added) Function dist/chunk-Q4UME242.mjs package.json via [email protected]
@storybook/[email protected] (added) Function dist/chunk-Q4UME242.mjs package.json via [email protected]
@storybook/[email protected] (added) Function dist/chunk-Q4UME242.mjs package.json via [email protected]
@storybook/[email protected] (added) Function dist/chunk-Q4UME242.mjs package.json via [email protected]
@storybook/[email protected] (added) Function dist/chunk-Q4UME242.mjs package.json via [email protected]
@storybook/[email protected] (added) Function dist/chunk-Q4UME242.mjs package.json via [email protected]
@storybook/[email protected] (added) Function dist/chunk-Q4UME242.mjs package.json via [email protected]
@storybook/[email protected] (added) Function dist/formatter-UT3ZCDIS-52LVTYWQ.mjs package.json via [email protected]
@storybook/[email protected] (added) Function dist/formatter-UT3ZCDIS-52LVTYWQ.mjs package.json via [email protected]
@storybook/[email protected] (added) Function dist/runtime.js package.json via @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (added) Function dist/runtime.js package.json via @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (added) Function dist/runtime.js package.json via @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (added) Function dist/runtime.js package.json via @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (added) Function dist/runtime.js package.json via @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (added) Function dist/runtime.mjs package.json via @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (added) Function dist/runtime.mjs package.json via @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (added) Function dist/runtime.mjs package.json via @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (added) Function dist/runtime.mjs package.json via @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (added) Function dist/runtime.mjs package.json via @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (upgraded) Function dist/chunk-NQZQ3SVL.mjs package.json via @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (upgraded) Function dist/index.js package.json via @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @storybook/[email protected]
@storybook/[email protected] (upgraded) Function dist/utils.js package.json via @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @storybook/[email protected]
[email protected] (added) Function dist/ajv.bundle.js package.json via @storybook/[email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
[email protected] (added) Function lib/compile/index.js package.json via @storybook/[email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
[email protected] (added) Function dist/compile/index.js package.json via @storybook/[email protected]
[email protected] (added) Function dist/compile/jtd/parse.js package.json via @storybook/[email protected]
[email protected] (upgraded) Function index.js package.json via @storybook/[email protected], @storybook/[email protected], [email protected]
[email protected] (added) Function ejs-v3.1.9/ejs.js package.json via [email protected]
[email protected] (added) Function ejs-v3.1.9/ejs.js package.json via [email protected]
[email protected] (added) Function ejs-v3.1.9/ejs.min.js package.json via [email protected]
[email protected] (added) Function ejs-v3.1.9/ejs.min.js package.json via [email protected]
[email protected] (added) Function ejs-v3.1.9/lib/ejs.js package.json via [email protected]
[email protected] (added) Function ejs-v3.1.9/lib/ejs.js package.json via [email protected]
[email protected] (added) Function dist/envinfo.js package.json via [email protected]
[email protected] (added) Function dist/envinfo.js package.json via [email protected]
[email protected] (added) Function dist/cjs/handlebars/compiler/javascript-compiler.js package.json via @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], [email protected]
[email protected] (added) Function dist/cjs/handlebars/compiler/javascript-compiler.js package.json via @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], [email protected]
[email protected] (added) Function dist/handlebars.amd.js package.json via @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], [email protected]
[email protected] (added) Function dist/handlebars.amd.js package.json via @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], [@storybook/[email protected]](htt

@ShaunEvening ShaunEvening merged commit 4ee195a into main Apr 11, 2023
@ShaunEvening ShaunEvening deleted the upgrade-sb-7 branch April 11, 2023 15:06
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees

@ShaunEvening ShaunEvening

Labels
major Increment the major version when merged
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ShaunEvening @k35o