Support storybook 7.0 #23

yannbf · 2023-03-31T14:07:02Z

Preparing for the release of Storybook 7!

📦 Published PR as canary version: 0.0.11--canary.23.9a91830.0

✨ Test out this PR locally via:

npm install @storybook/jest@0.0.11--canary.23.9a91830.0
# or 
yarn add @storybook/jest@0.0.11--canary.23.9a91830.0

Version

Published prerelease version: v0.1.1-next.0

Changelog

socket-security · 2023-03-31T14:08:04Z

New dependency changes detected. Learn more about Socket for GitHub ↗︎

🚨 Potential security issues found in this pull request. To accept the risk, merge this PR and you will not be notified again.

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

@SocketSecurity ignore ajv@6.12.6
@SocketSecurity ignore ajv@8.12.0
@SocketSecurity ignore expect@27.5.1
@SocketSecurity ignore is-callable@1.2.7
@SocketSecurity ignore jest-diff@27.5.1
@SocketSecurity ignore js-yaml@3.14.1
@SocketSecurity ignore lodash@4.17.21
@SocketSecurity ignore object-inspect@1.12.3
@SocketSecurity ignore pretty-format@27.5.1

⚠️ Uses eval

Package uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Avoid packages that use eval, since this could potentially execute any code.

Package	Eval Type	Location	Source
ajv@6.12.6 (added)	Function	dist/ajv.bundle.js	`package.json` via @storybook/linter-config@3.1.2
ajv@6.12.6 (added)	Function	lib/compile/index.js	`package.json` via @storybook/linter-config@3.1.2
ajv@8.12.0 (added)	Function	dist/compile/index.js	`package.json` via @storybook/linter-config@3.1.2
ajv@8.12.0 (added)	Function	dist/compile/jtd/parse.js	`package.json` via @storybook/linter-config@3.1.2
expect@27.5.1 (added)	Function	build/index.js	`package.json`
expect@27.5.1 (added)	Function	build/index.js	`package.json`
expect@27.5.1 (added)	Function	build/index.js	`package.json`
expect@27.5.1 (added)	Function	build/utils.js	`package.json`
is-callable@1.2.7 (added)	Function	test/index.js	`package.json` via @auto-it/first-time-contributor@10.43.0, @storybook/linter-config@3.1.2, @testing-library/jest-dom@5.16.5
is-callable@1.2.7 (added)	Function	test/index.js	`package.json` via @auto-it/first-time-contributor@10.43.0, @storybook/linter-config@3.1.2, @testing-library/jest-dom@5.16.5
jest-diff@27.5.1 (added)	Function	build/index.js	`package.json` via expect@27.5.1
js-yaml@3.14.1 (added)	Function	dist/js-yaml.js	`package.json` via @storybook/linter-config@3.1.2
js-yaml@3.14.1 (added)	Function	dist/js-yaml.js	`package.json` via @storybook/linter-config@3.1.2
js-yaml@3.14.1 (added)	Function	lib/js-yaml/type/js/function.js	`package.json` via @storybook/linter-config@3.1.2
js-yaml@3.14.1 (added)	Function	lib/js-yaml/type/js/function.js	`package.json` via @storybook/linter-config@3.1.2
lodash@4.17.21 (added)	Function	_root.js	`package.json` via @storybook/linter-config@3.1.2, @testing-library/jest-dom@5.16.5
lodash@4.17.21 (added)	Function	template.js	`package.json` via @storybook/linter-config@3.1.2, @testing-library/jest-dom@5.16.5
object-inspect@1.12.3 (added)	Function	test/bigint.js	`package.json` via @auto-it/first-time-contributor@10.43.0, @storybook/linter-config@3.1.2, @testing-library/jest-dom@5.16.5
object-inspect@1.12.3 (added)	Function	test/bigint.js	`package.json` via @auto-it/first-time-contributor@10.43.0, @storybook/linter-config@3.1.2, @testing-library/jest-dom@5.16.5
object-inspect@1.12.3 (added)	Function	test/bigint.js	`package.json` via @auto-it/first-time-contributor@10.43.0, @storybook/linter-config@3.1.2, @testing-library/jest-dom@5.16.5
pretty-format@27.5.1 (added)	Function	build/plugins/AsymmetricMatcher.js	`package.json` via expect@27.5.1
pretty-format@27.5.1 (added)	Function	build/plugins/ReactTestComponent.js	`package.json` via expect@27.5.1

Pull request alert summary

Issue	Status
Install scripts	✅ 0 issues
Native code	✅ 0 issues
Bin script confusion	✅ 0 issues
Bin script shell injection	✅ 0 issues
Shell access	✅ 0 issues
Uses eval	⚠️ 22 issues
Unresolved require	✅ 0 issues
Invalid package.json	✅ 0 issues
HTTP dependency	✅ 0 issues
Git dependency	✅ 0 issues
GitHub dependency	✅ 0 issues
New author	✅ 0 issues
Potential typo squat	✅ 0 issues
Known Malware	✅ 0 issues
Telemetry	✅ 0 issues
Protestware/Troll package	✅ 0 issues

📊 Modified Dependency Overview:

🚮 Removed packages: @storybook/instrumenter@6.5.16

github-actions · 2023-04-03T08:42:32Z

🚀 PR was released in v0.1.0 🚀

Support Storybook 7.0.0

9a91830

yannbf added the patch Increment the patch version when merged label Mar 31, 2023

yannbf changed the base branch from main to next March 31, 2023 14:07

yannbf merged commit a531c7b into next Mar 31, 2023
3 of 4 checks passed

yannbf deleted the feat/prepare-for-sb7 branch March 31, 2023 14:13

github-actions bot added the prerelease This change is available in a prerelease. label Mar 31, 2023

github-actions bot added released This issue/pull request has been released. and removed prerelease This change is available in a prerelease. labels Apr 3, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support storybook 7.0 #23

Support storybook 7.0 #23

yannbf commented Mar 31, 2023 •

edited by github-actions bot

socket-security bot commented Mar 31, 2023

github-actions bot commented Apr 3, 2023

Support storybook 7.0 #23

Support storybook 7.0 #23

Conversation

yannbf commented Mar 31, 2023 • edited by github-actions bot

Version

socket-security bot commented Mar 31, 2023

github-actions bot commented Apr 3, 2023

yannbf commented Mar 31, 2023 •

edited by github-actions bot